Risk 2018

Overview of the different risk assignments of different sources of the documented vulnerabilities.

IDTitleVulDBCVSSSecuniaXForceNessus
163696Apple watchOS Messages authentication spoofing [CVE-2018-4391]medium🔒---
163695Apple macOS Messages authentication spoofing [CVE-2018-4391]medium🔒---
163694Apple watchOS Messages authentication spoofing [CVE-2018-4390]medium🔒---
163693Apple macOS Messages authentication spoofing [CVE-2018-4390]medium🔒---
143480Lenovo ThinkPad BIOS injection [CVE-2018-9062]medium🔒---
132961SalesAgility SuiteCRM cross site scripting [CVE-2018-20816]low🔒---
129942Adobe Acrobat Reader out-of-bounds read [CVE-2018-19722]low🔒---
129941Adobe Acrobat Reader out-of-bounds read [CVE-2018-19719]low🔒--🔒
129937Adobe Acrobat Reader out-of-bounds read [CVE-2018-15997]low🔒--🔒
129936Adobe Acrobat Reader out-of-bounds read [CVE-2018-15989]low🔒--🔒
129935Adobe Acrobat Reader integer overflow [CVE-2018-15986]medium🔒--🔒
129934Adobe Flash Player DLL untrusted search path [CVE-2018-15983]medium🔒--🔒
129933Adobe Flash Player use after free [CVE-2018-15982]medium🔒--🔒
129932Adobe Acrobat Reader information disclosure [CVE-2018-16042]low🔒--🔒
129931Adobe Acrobat Reader integer overflow [CVE-2018-15995]low🔒--🔒
129930Adobe Acrobat Reader integer overflow [CVE-2018-16007]low🔒--🔒
129929Adobe Acrobat Reader integer overflow [CVE-2018-16009]low🔒--🔒
129928Adobe Acrobat Reader out-of-bounds read [CVE-2018-19728]medium🔒--🔒
129927Adobe Acrobat Reader out-of-bounds read [CVE-2018-15984]medium🔒--🔒
129926Adobe Acrobat Reader out-of-bounds read [CVE-2018-15985]medium🔒--🔒
129925Adobe Acrobat Reader out-of-bounds read [CVE-2018-15996]medium🔒--🔒
129924Adobe Acrobat Reader out-of-bounds read [CVE-2018-16001]medium🔒--🔒
129923Adobe Acrobat Reader out-of-bounds read [CVE-2018-16002]medium🔒--🔒
129922Adobe Acrobat Reader out-of-bounds read [CVE-2018-16005]medium🔒--🔒
129921Adobe Acrobat Reader out-of-bounds read [CVE-2018-16006]medium🔒--🔒
129920Adobe Acrobat Reader out-of-bounds read [CVE-2018-16010]medium🔒--🔒
129919Adobe Acrobat Reader out-of-bounds read [CVE-2018-16012]medium🔒--🔒
129918Adobe Acrobat Reader out-of-bounds read [CVE-2018-16013]medium🔒--🔒
129917Adobe Acrobat Reader out-of-bounds read [CVE-2018-16015]medium🔒--🔒
129916Adobe Acrobat Reader out-of-bounds read [CVE-2018-16017]medium🔒--🔒
129915Adobe Acrobat Reader out-of-bounds read [CVE-2018-16019]medium🔒--🔒
129914Adobe Acrobat Reader out-of-bounds read [CVE-2018-16020]medium🔒--🔒
129913Adobe Acrobat Reader out-of-bounds read [CVE-2018-16022]medium🔒--🔒
129912Adobe Acrobat Reader out-of-bounds read [CVE-2018-16023]medium🔒--🔒
129911Adobe Acrobat Reader out-of-bounds read [CVE-2018-16024]medium🔒--🔒
129910Adobe Acrobat Reader out-of-bounds read [CVE-2018-16028]medium🔒--🔒
129909Adobe Acrobat Reader out-of-bounds read [CVE-2018-16030]medium🔒--🔒
129908Adobe Acrobat Reader out-of-bounds read [CVE-2018-16031]medium🔒--🔒
129907Adobe Acrobat Reader out-of-bounds read [CVE-2018-16032]medium🔒--🔒
129906Adobe Acrobat Reader out-of-bounds read [CVE-2018-16033]medium🔒--🔒
129905Adobe Acrobat Reader out-of-bounds read [CVE-2018-16034]medium🔒--🔒
129904Adobe Acrobat Reader out-of-bounds read [CVE-2018-16035]medium🔒--🔒
129903Adobe Acrobat Reader out-of-bounds read [CVE-2018-16038]medium🔒--🔒
129902Adobe Acrobat Reader out-of-bounds read [CVE-2018-16041]medium🔒--🔒
129901Adobe Acrobat Reader out-of-bounds read [CVE-2018-16043]medium🔒--🔒
129900Adobe Acrobat Reader out-of-bounds read [CVE-2018-16047]medium🔒--🔒
129899Adobe Acrobat Reader out-of-bounds read [CVE-2018-19699]medium🔒--🔒
129898Adobe Acrobat Reader out-of-bounds read [CVE-2018-19701]medium🔒--🔒
129897Adobe Acrobat Reader out-of-bounds read [CVE-2018-19703]medium🔒--🔒
129896Adobe Acrobat Reader out-of-bounds read [CVE-2018-19704]medium🔒--🔒
129895Adobe Acrobat Reader out-of-bounds read [CVE-2018-19705]medium🔒--🔒
129894Adobe Acrobat Reader out-of-bounds read [CVE-2018-19706]medium🔒--🔒
129893Adobe Acrobat Reader out-of-bounds read [CVE-2018-19709]medium🔒--🔒
129892Adobe Acrobat Reader out-of-bounds read [CVE-2018-19710]medium🔒--🔒
129891Adobe Acrobat Reader out-of-bounds read [CVE-2018-19711]medium🔒--🔒
129890Adobe Acrobat Reader out-of-bounds read [CVE-2018-19712]medium🔒--🔒
129889Adobe Acrobat Reader out-of-bounds read [CVE-2018-19714]medium🔒--🔒
129888Adobe Acrobat Reader out-of-bounds read [CVE-2018-19717]medium🔒--🔒
129887Adobe Acrobat Reader memory corruption [CVE-2018-12830]medium🔒--🔒
129886Adobe Acrobat Reader memory corruption [CVE-2018-16021]medium🔒--🔒
129885Adobe Acrobat Reader memory corruption [CVE-2018-19716]medium🔒--🔒
129884Adobe Acrobat Reader out-of-bounds write [CVE-2018-15988]medium🔒--🔒
129883Adobe Acrobat Reader out-of-bounds write [CVE-2018-15999]medium🔒--🔒
129882Adobe Acrobat Reader out-of-bounds write [CVE-2018-16000]medium🔒--🔒
129881Adobe Acrobat Reader out-of-bounds write [CVE-2018-16016]medium🔒--🔒
129880Adobe Acrobat Reader out-of-bounds write [CVE-2018-19702]medium🔒--🔒
129879Adobe Acrobat Reader use after free [CVE-2018-15990]medium🔒--🔒
129878Adobe Acrobat Reader use after free [CVE-2018-15991]medium🔒--🔒
129877Adobe Acrobat Reader use after free [CVE-2018-15992]medium🔒--🔒
129876Adobe Acrobat Reader use after free [CVE-2018-15993]medium🔒--🔒
129875Adobe Acrobat Reader use after free [CVE-2018-15994]medium🔒--🔒
129874Adobe Acrobat Reader use after free [CVE-2018-16003]medium🔒--🔒
129873Adobe Acrobat Reader use after free [CVE-2018-16008]medium🔒--🔒
129872Adobe Acrobat Reader use after free [CVE-2018-16014]medium🔒--🔒
129871Adobe Acrobat Reader use after free [CVE-2018-16025]medium🔒--🔒
129870Adobe Acrobat Reader use after free [CVE-2018-16026]medium🔒--🔒
129869Adobe Acrobat Reader use after free [CVE-2018-16027]medium🔒--🔒
129868Adobe Acrobat Reader use after free [CVE-2018-16029]medium🔒--🔒
129867Adobe Acrobat Reader use after free [CVE-2018-16036]medium🔒--🔒
129866Adobe Acrobat Reader use after free [CVE-2018-16037]medium🔒--🔒
129865Adobe Acrobat Reader use after free [CVE-2018-16039]medium🔒--🔒
129864Adobe Acrobat Reader use after free [CVE-2018-16040]medium🔒--🔒
129863Adobe Acrobat Reader use after free [CVE-2018-16046]medium🔒--🔒
129862Adobe Acrobat Reader use after free [CVE-2018-19698]medium🔒--🔒
129861Adobe Acrobat Reader use after free [CVE-2018-19700]medium🔒--🔒
129860Adobe Acrobat Reader use after free [CVE-2018-19707]medium🔒--🔒
129859Adobe Acrobat Reader use after free [CVE-2018-19708]medium🔒--🔒
129858Adobe Acrobat Reader use after free [CVE-2018-19713]medium🔒--🔒
129857Adobe Acrobat Reader use after free [CVE-2018-19715]medium🔒--🔒
129856Adobe Acrobat Reader access control [CVE-2018-16045]medium🔒--🔒
129855Adobe Acrobat Reader access control [CVE-2018-16044]medium🔒--🔒
129854Adobe Acrobat Reader null pointer dereference [CVE-2018-19720]medium🔒--🔒
129853Adobe Acrobat Reader null pointer dereference [CVE-2018-16004]medium🔒--🔒
129852Adobe Acrobat Reader memory corruption [CVE-2018-15987]medium🔒--🔒
129851Adobe Acrobat Reader memory corruption [CVE-2018-15998]medium🔒--🔒
129137Apple macOS memory corruption [CVE-2018-4404]medium🔒---
129136Apple iTunes input validation [CVE-2018-4213]medium🔒--🔒
129135Apple watchOS input validation [CVE-2018-4213]medium🔒--🔒
129134Apple tvOS input validation [CVE-2018-4213]medium🔒--🔒
129133Apple iCloud input validation [CVE-2018-4213]medium🔒--🔒
129132Apple Safari input validation [CVE-2018-4213]medium🔒--🔒
129131Apple iTunes assertion [CVE-2018-4212]medium🔒--🔒
129130Apple watchOS assertion [CVE-2018-4212]medium🔒--🔒
129129Apple tvOS assertion [CVE-2018-4212]medium🔒--🔒
129128Apple iCloud assertion [CVE-2018-4212]medium🔒--🔒
129127Apple Safari assertion [CVE-2018-4212]medium🔒--🔒
129126Apple iTunes Javascript Core array index [CVE-2018-4210]medium🔒--🔒
129125Apple watchOS Javascript Core array index [CVE-2018-4210]medium🔒--🔒
129124Apple tvOS Javascript Core array index [CVE-2018-4210]medium🔒--🔒
129123Apple Safari Javascript Core array index [CVE-2018-4210]medium🔒--🔒
129122Apple iTunes input validation [CVE-2018-4209]medium🔒--🔒
129121Apple watchOS input validation [CVE-2018-4209]medium🔒--🔒
129120Apple tvOS input validation [CVE-2018-4209]medium🔒--🔒
129119Apple iCloud input validation [CVE-2018-4209]medium🔒--🔒
129118Apple Safari input validation [CVE-2018-4209]medium🔒--🔒
129117Apple iTunes input validation [CVE-2018-4208]medium🔒--🔒
129116Apple watchOS input validation [CVE-2018-4208]medium🔒--🔒
129115Apple tvOS input validation [CVE-2018-4208]medium🔒--🔒
129114Apple iCloud input validation [CVE-2018-4208]medium🔒--🔒
129113Apple Safari input validation [CVE-2018-4208]medium🔒--🔒
129112Apple iTunes input validation [CVE-2018-4207]medium🔒--🔒
129111Apple watchOS input validation [CVE-2018-4207]medium🔒--🔒
129110Apple tvOS input validation [CVE-2018-4207]medium🔒--🔒
129109Apple iCloud input validation [CVE-2018-4207]medium🔒--🔒
129108Apple Safari input validation [CVE-2018-4207]medium🔒--🔒
129107Apple macOS out-of-bounds read [CVE-2018-4194]medium🔒---
129106Apple iTunes out-of-bounds read [CVE-2018-4194]medium🔒---
129105Apple watchOS out-of-bounds read [CVE-2018-4194]medium🔒---
129104Apple iCloud out-of-bounds read [CVE-2018-4194]medium🔒---
129103Apple tvOS memory corruption [CVE-2018-4189]medium🔒---
129102Apple watchOS memory corruption [CVE-2018-4189]medium🔒---
129101Apple macOS memory corruption [CVE-2018-4189]medium🔒---
129100Apple macOS State information disclosure [CVE-2018-4185]low🔒---
129099Apple watchOS State information disclosure [CVE-2018-4185]low🔒---
129098Apple tvOS State information disclosure [CVE-2018-4185]low🔒---
129097Apple iOS memory corruption [CVE-2018-4147]medium🔒---
129096Apple iTunes memory corruption [CVE-2018-4147]medium🔒---
129095Apple Safari memory corruption [CVE-2018-4147]medium🔒---
129073Apple iOS memory corruption [CVE-2018-4404]medium🔒---
129072Apple iOS memory corruption [CVE-2018-4330]medium🔒---
129071Apple macOS Remote Management permission [CVE-2018-4298]medium🔒---
129070Apple macOS memory corruption [CVE-2018-4258]medium🔒---
129069Apple macOS Size Validation memory corruption [CVE-2018-4257]medium🔒---
129068Apple macOS out-of-bounds read [CVE-2018-4256]medium🔒---
129067Apple macOS out-of-bounds read [CVE-2018-4255]medium🔒---
129066Apple macOS Kernel input validation [CVE-2018-4254]high🔒---
129065Apple macOS Open Directory 7pk security [CVE-2018-4217]medium🔒---
129064Apple iOS input validation [CVE-2018-4213]medium🔒--🔒
129063Apple iOS assertion [CVE-2018-4212]medium🔒--🔒
129062Apple iOS Javascript Core array index [CVE-2018-4210]medium🔒--🔒
129061Apple iOS input validation [CVE-2018-4209]medium🔒--🔒
129060Apple iOS input validation [CVE-2018-4208]medium🔒--🔒
129059Apple iOS input validation [CVE-2018-4207]medium🔒--🔒
129058Apple iOS out-of-bounds read [CVE-2018-4194]medium🔒---
129057Apple iOS memory corruption [CVE-2018-4189]medium🔒---
129056Apple Safari Private Browsing information disclosure [CVE-2018-4186]medium🔒---
129055Apple iOS State information disclosure [CVE-2018-4185]low🔒---
129054Apple macOS improper authorization [CVE-2018-4183]medium🔒--🔒
129053Apple macOS CUPS improper authorization [CVE-2018-4182]medium🔒--🔒
129052Apple macOS CUPS improper authorization [CVE-2018-4181]medium🔒--🔒
129051Apple macOS CUPS improper authorization [CVE-2018-4180]medium🔒--🔒
129050Apple macOS Smartcard PIN information disclosure [CVE-2018-4179]low🔒---
129049Apple macOS out-of-bounds read [CVE-2018-4169]medium🔒---
129048Apple iCloud memory corruption [CVE-2018-4147]medium🔒---
129038Apple macOS Credentials access control [CVE-2017-13889]high🔒---
128730Microsoft Windows JET Database Engine memory corruption [CVE-2019-0538]medium🔒--🔒
128608McAfee Application Control/Change Control Whitelist access controlmedium🔒---
128607Proxygen HTTP2 Parser input validation [CVE-2018-6347]low🔒---
128606Proxygen HTTP2 Priority Setting 7pk error [CVE-2018-6346]low🔒---
128605WhatsApp Messenger RTP Packet memory corruption [CVE-2018-6344]low🔒---
128604Proxygen Certificate Validation input validation [CVE-2018-6343]low🔒---
128603react-dev-utils Webserver cross-site request forgery [CVE-2018-6342]low🔒---
128602React ReactDOMServer API cross site scripting [CVE-2018-6341]low🔒---
128601HHVM getextendedstats out-of-bounds readmedium🔒---
128600HHVM secureRandom memory corruptionmedium🔒---
128599osquery Code Signing 7pk security [CVE-2018-6336]medium🔒--🔒
128598HHVM Proxygen out_of_range input validationlow🔒---
128597HHVM Multipart File Upload input validation [CVE-2018-6334]high🔒---
128596Nuclide Deep Link input validation [CVE-2018-6333]low🔒---
128595Buck Java Serialized Object deserialization [CVE-2018-6331]medium🔒---
128594GNU binutils elfcomm.c process_archive use after freemedium🔒---
128593Jasper jas_malloc.c resource managementlow🔒--🔒
128592ok-file-formats ok_mo.c ok_mo_decode2 memory corruptionmedium🔒---
128591VideoLAN VLC Media Player Passcode access control [CVE-2018-19937]medium🔒---
128590CuppaCMS cu_views cross site scriptinglow🔒---
128589razorCMS page Stored cross site scriptinglow🔒---
128588razorCMS page cross site scriptinglow🔒---
128587XSLT CMS Persistent cross site scripting [CVE-2018-19904]low🔒---
128586XSLT CMS Persistent cross site scripting [CVE-2018-19903]low🔒---
128585No-CMS manage_article Persistent cross site scriptinglow🔒---
128584No-CMS Persistent cross site scripting [CVE-2018-19901]low🔒---
128583GetSimple CMS edit.php Stored cross site scriptinglow🔒---
128582Frog CMS cross site scripting [CVE-2018-19844]low🔒---
128581Guardzilla Smart Camera Cloud API User 7pk securitylow🔒---
128580Guardzilla GZ621W Cloud Communication TK_set_deviceModel_req_handle memory corruptionmedium🔒---
128579Guardzilla GZ180 Remote Upgrade command injection [CVE-2018-18600]medium🔒---
128578UCMDB Configuration Management Service path traversal [CVE-2018-18593]medium🔒---
128577ok-file-formats ok_csv.c ok_csv_decode2 memory corruptionmedium🔒---
128576ok-file-formats ok_wav.c ok_wav_decode_ms_adpcm_data memory corruptionmedium🔒---
128575Apache NetBeans Proxy Auto-Config command injection [CVE-2018-17191]medium🔒---
128574CIM Install install.php input validationmedium🔒---
128573TEMMOKU add cross-site request forgerylow🔒---
128572UWA cross-site request forgery [CVE-2018-20612]low🔒---
128571imcat Cookie cross site scripting [CVE-2018-20611]low🔒---
128570imcat adm.php path traversalmedium🔒---
128569imcat check.php information disclosurelow🔒---
128568imcat phpinfo information disclosure [CVE-2018-20608]low🔒---
128567imcat binfo.php Debug information disclosurelow🔒---
128566imcat Path information disclosure [CVE-2018-20606]low🔒---
128565imcat adm.php code injectionmedium🔒---
128564LFCMS path traversal [CVE-2018-20604]low🔒---
128563LFCMS cross-site request forgery [CVE-2018-20603]low🔒---
128562LFCMS Path information disclosure [CVE-2018-20602]low🔒---
128561UCMS index.php cross site scriptinglow🔒---
128560UCMS cedit.php cross site scriptinglow🔒---
128559UCMS index.php code injectionmedium🔒---
128558UCMS cross-site request forgery [CVE-2018-20598]low🔒---
128557UCMS index.php cross site scriptinglow🔒---
128556XCMS server-side request forgery [CVE-2018-20596]medium🔒---
128555HSWeb OAuth2ClientController.java cross-site request forgerylow🔒---
128554HSWeb FlowableModelManagerController.java Reflected cross site scriptinglow🔒---
128553Mini-XML mxmldoc.c scan_file memory corruptionmedium🔒---
128552Mini-XML mxml-node.c mxmlAdd use after freemedium🔒---
128551libming decompile.c decompileJUMP out-of-bounds readmedium🔒---
128550Ivan Cordoba Generic Content Management System users.php cross site scriptinglow🔒---
128549Ivan Cordoba Generic Content Management System add_pictures.php cross site scriptinglow🔒---
128548otfcc unicodeconv.c out-of-bounds read [CVE-2018-20588]medium🔒---
128547Jasper jp2 Converter memory corruption [CVE-2018-20584]low🔒--🔒
128546PHP League CommonMark library cross site scripting [CVE-2018-20583]low🔒---
128545ZTE ZXV10 W300 improper authorization [CVE-2018-7366]medium🔒---
128544ML Report activex unrestricted uploadmedium🔒---
128543DEXTUploadX5 activex input validationmedium🔒---
128542Contiki-NG jsonparse.c push memory corruptionmedium🔒---
128541NuttX netlib_parsehttpurl.c netlib_parsehttpurl resource consumptionlow🔒---
128540Orange Livebox restore.exe cross-site request forgerylow🔒---
128539Orange Livebox autodialing.exe cross-site request forgerylow🔒---
128538Orange Livebox system_firmwarel.stm input validationmedium🔒---
128537yaml-cpp YAML File HandleFlowMap memory corruptionlow🔒---
128536yaml-cpp EnsureTokensInQueue memory corruptionlow🔒---
128535WUZHI CMS copyfrom.php sql injectionmedium🔒---
128534DamiCMS Config information disclosure [CVE-2018-20571]low🔒---
128533Jasper jp2_enc.c jp2_encode out-of-bounds readmedium🔒--🔒
128532Ivan Cordoba Generic Content Management System index.php sql injectionmedium🔒---
128531Ivan Cordoba Generic Content Management System index.php sql injectionmedium🔒---
128530DouCo DouPHP index.php access controllow🔒---
128529DouCo DouPHP Error Message Path path traversallow🔒---
128528DouCo DouPHP cross site scripting [CVE-2018-20565]low🔒---
128527DouCo DouPHP cross site scripting [CVE-2018-20564]low🔒---
128526DouCo DouPHP cross site scripting [CVE-2018-20563]low🔒---
128525DouCo DouPHP cross site scripting [CVE-2018-20562]low🔒---
128524DouCo DouPHP cross site scripting [CVE-2018-20561]low🔒---
128523DouCo DouPHP cross site scripting [CVE-2018-20560]low🔒---
128522DouCo DouPHP cross site scripting [CVE-2018-20559]low🔒---
128521DouCo DouPHP cross site scripting [CVE-2018-20558]low🔒---
128520DouCo DouPHP cross site scripting [CVE-2018-20557]low🔒---
128519tcpreplay get.c get_l2len out-of-bounds readmedium🔒---
128518tcpreplay tree.c packet2tree out-of-bounds readmedium🔒---
128517Poppler Annot.c getString input validationlow🔒--🔒
128516libcaca file.c caca_file_read integer overflowmedium🔒--🔒
128515libcaca common-image.c load_image integer overflowmedium🔒--🔒
128514libcaca dither.c get_rgba_default integer overflowmedium🔒--🔒
128513libcaca dither.c get_rgba_default integer overflowmedium🔒--🔒
128512libcaca common-image.c load_image integer overflowmedium🔒--🔒
128511libcaca dither.c caca_dither_bitmap Floating Point divide by zerolow🔒--🔒
128510LIBXSMM generator_spgemm_csc_reader.c libxsmm_sparse_csc_reader resource consumptionlow🔒---
128509LIBXSMM generator_spgemm_csc_reader.c libxsmm_sparse_csc_reader memory corruptionmedium🔒---
128508LIBXSMM generator_spgemm_csc_reader.c libxsmm_sparse_csc_reader memory corruptionmedium🔒---
128507libLAS liblas.hpp Open resource managementlow🔒---
128506libLAS spatialreference.cpp GetGTIF input validationlow🔒---
128505Netwide Assembler preproc.c pp_getline use after freemedium🔒---
128504libLAS spatialreference.cpp GetGTIF null pointer dereferencelow🔒---
128503libLAS spatialreference.cpp GetGTIF out-of-bounds readmedium🔒---
128502Netwide Assembler preproc.c pp_getline use after freemedium🔒---
128501libsolv pool.h pool_whatprovides resource managementlow🔒---
128500libsolv testcase.c null pointer dereferencelow🔒---
128499libsolv testcase.c testcase_read null pointer dereferencelow🔒---
128498PHP Scripts Mall Website Seller Script Profile cross site scriptinglow🔒---
128497JEECMS getRemoteImage.jspx server-side request forgerymedium🔒---
128496Microstrategy Analytics main.aspx cross-site request forgerylow🔒---
128495Pylon mintToken integer overflowmedium🔒---
128494SwftCoin mintToken integer overflowmedium🔒---
128493Nexxus NXX mintToken integer overflowmedium🔒---
128492IP Infusion ZebOS/OcNOS BGP Daemon input validation [CVE-2018-17539]low🔒--🔒
128491Evolution CMS cross site scripting [CVE-2018-16638]low🔒---
128490Evolution CMS cross site scripting [CVE-2018-16637]low🔒---
128489Mezzanine CMS cross site scripting [CVE-2018-16632]low🔒---
128488Kirby cross site scripting [CVE-2018-16630]low🔒---
128487F5 APM OAuth Resource Server improper authorization [CVE-2018-15335]low🔒--🔒
128486APM WebTop cross-site request forgery [CVE-2018-15334]low🔒---
128485F5 BIG-IP Configuration Utility unrestricted upload [CVE-2018-15333]low🔒---
128484Sky Elite com.adups.fota.sysoper.WriteCommandReceiver os command injectionmedium🔒---
128483ZTE ZMAX Champ com.android.zte.hiddenmenu resource managementmedium🔒---
128482ZTE ZMAX Champ Mobile Device Management access control [CVE-2018-15005]medium🔒---
128481Coolpad Canvas com.qualcomm.qti.modemtestmode log file [CVE-2018-15004]medium🔒---
128480Vivo V7 com.android.phone log file [CVE-2018-15002]medium🔒---
128479Vivo V7 com.vivo.bsptest log file [CVE-2018-15001]low🔒---
128478Leagoo P1 adb access control [CVE-2018-14998]medium🔒---
128477ZTE Blade Vantage/Blade Spark/ZMAX Pro/ZMAX Champ com.android.modem.service log filelow🔒---
128476Asus ZenFone 3 Max com.asus.dm 7pk security [CVE-2018-14992]medium🔒---
128475MXQ TV Box com.android.server.SystemRestoreReceiver input validationmedium🔒---
128474MXQ TV Box com.android.server.MasterClearReceiver Factory Reset permissionmedium🔒---
128473Leagoo Z5C com.android.messaging information disclosure [CVE-2018-14986]low🔒---
128472Leagoo Z5C com.android.settings Factory Reset access controlmedium🔒---
128471Leagoo Z5C com.android.messaging information disclosure [CVE-2018-14984]medium🔒---
128470Asus ZenFone 3 Max com.asus.loguploader information disclosurelow🔒---
128469FrontAccounting attachments.php Time-Based sql injectionmedium🔒---
128468Logisim Evolution XML Data XmlReader.java loadXmlFrom xml external entity referencemedium🔒---
128467PEAR Archive_Tar Unserialize deserialization [CVE-2018-1000888]medium🔒--🔒
128466Peel SHOPPING cross site scripting [CVE-2018-1000887]low🔒---
128465Battelle V2I Hub Back-End Database PluginStatus.cpp user_info sql injectionmedium🔒---
128464Battelle V2I Hub Back-End Database PluginStatusActions.php sql injectionmedium🔒---
128463Battelle V2I Hub cross site scripting [CVE-2018-1000629]low🔒---
128462Battelle V2I Hub API strcmp access controlmedium🔒---
128461Battelle V2I Hub API credentials management [CVE-2018-1000627]low🔒---
128460Battelle V2I Hub API 7pk security [CVE-2018-1000626]medium🔒---
128459Battelle V2I Hub hard-coded credentials [CVE-2018-1000625]medium🔒---
128458Battelle V2I Hub powerdown.php access controllow🔒---
128457Chat Anywhere Extension Content Security Policy cross site scriptinglow🔒---
128456miniCMS post-edit.php cross site scriptinglow🔒---
12845574cms input validation [CVE-2018-20519]medium🔒---
128454Linux Kernel ipddp.c ipddp_ioctl Address information disclosurelow🔒--🔒
128453CrashFix UserController.php search sql injectionmedium🔒---
128452Bento4 Ap4HvccAtom.cpp Create resource consumptionlow🔒---
128451MetInfo login_check.php cross site scriptinglow🔒---
128450VIA Technologies EPIA-E900 SmartETK Driver ETK_E900.sys Blue Screen input validationmedium🔒---
128449MIT Kerberos input validation [CVE-2018-20217]medium🔒--🔒
128448Qt BMP Data QBmpHandler memory corruptionmedium🔒--🔒
128447Qt QTgaFile resource consumptionlow🔒--🔒
128446Qt QGifHandler null pointer dereferencemedium🔒--🔒
128445Qt SVG Image qsvghandler.cpp input validationmedium🔒--🔒
128444Dolibarr ERP/CRM export.php cross site scriptinglow🔒---
128443Rockwell Automation Allen-Bradley PowerMonitor 1000 Access Control access controlmedium🔒---
128442Rockwell Automation Allen-Bradley PowerMonitor 1000 Security.shtm Stored cross site scriptinglow🔒---
128441Engelsystem cross-site request forgery [CVE-2018-19182]low🔒---
128440Asus Aura Sync GLCKIo Low-Level Driver 7pk security [CVE-2018-18537]medium🔒---
128439Asus Aura Sync GLCKIo/Asusgio access control [CVE-2018-18536]medium🔒---
128438Asus Aura Sync Asusgio Low-Level Driver access control [CVE-2018-18535]medium🔒---
128437HashHeroes Tiles determineWinner random valuesmedium🔒---
128436Qt QXmlStream double free [CVE-2018-15518]medium🔒--🔒
128435NEC Univerge Sv9100 WebPro Web UI Credentials credentials managementmedium🔒---
128434NEC Univerge Sv9100 WebPro Home.htm information disclosurelow🔒---
128433Zoho ManageEngine ADSelfService Plus Employee Search Feature cross site scriptinglow🔒---
128432Zoho ManageEngine ADSelfService Plus Self-Update Layout cross site scriptinglow🔒---
128431GNU wget xattr.c set_file_metadata credentials managementlow🔒--🔒
128430GNU tar sparse.c sparse_dump_region out-of-bounds readlow🔒--🔒
128429Poppler XRef.cc getEntry null pointer dereferencelow🔒--🔒
128428S-Cms pic.php sql injectionmedium🔒---
128427S-Cms sql injection [CVE-2018-20479]medium🔒---
128426S-Cms download.php information disclosurelow🔒---
128425S-Cms callback1.php sql injectionmedium🔒---
128424S-Cms demo.php cross site scriptinglow🔒---
128423ImageMagick bmp.c resource managementlow🔒--🔒
128422Craft CMS craft.app.config.DB.user information disclosure [CVE-2018-20465]low🔒---
128421CMS Made Simple myaccount.php Reflected cross site scriptinglow🔒---
128420JSmol2WP Plugin path traversal [CVE-2018-20463]medium🔒---
128419JSmol2WP Plugin jsmol.php cross site scriptinglow🔒---
128418radare2 cmd_anal.c core_anal_bytes out-of-bounds readmedium🔒--🔒
128417radare2 armass64.c parseOperands memory corruptionmedium🔒--🔒
128416radare2 armass.c armass_assemble out-of-bounds readmedium🔒--🔒
128415radare2 dyldcache.c r_bin_dyldcache_extract out-of-bounds readmedium🔒--🔒
128414radare2 asm_arm_cs.c assemble out-of-bounds readmedium🔒--🔒
128413radare2 asm_x86_nz.c parseOperand out-of-bounds readmedium🔒--🔒
128412radare2 asm_x86_nz.c parseOperand memory corruptionmedium🔒--🔒
12841174cms cross site scripting [CVE-2018-20454]low🔒---
128410libdoc numutils.c getlong out-of-bounds readmedium🔒---
128409libxls ole.c ole2_read_header memory corruptionmedium🔒---
128408libdoc reader.c process_file memory corruptionmedium🔒---
128407libxls ole.c read_MSAT double freelow🔒---
128406Frog CMS index.php cross site scriptinglow🔒---
128405D-Link DCM-604/DCM-704 Credentials credentials management [CVE-2018-20445]low🔒---
128404Technicolor CGA0111 Credentials credentials management [CVE-2018-20444]low🔒---
128403Technicolor TC7200.d1I Credentials credentials management [CVE-2018-20443]low🔒---
128402Technicolor TC7110.B Credentials credentials management [CVE-2018-20442]low🔒---
128401Technicolor TC7200.TH2v2 Credentials credentials management [CVE-2018-20441]low🔒---
128400Technicolor CWA0101 Credentials credentials management [CVE-2018-20440]low🔒---
128399Technicolor DPC3928SL Credentials credentials management [CVE-2018-20439]low🔒---
128398Technicolor TC7110.AR Credentials credentials management [CVE-2018-20438]low🔒---
128397FEBS-Shiro fileDownload path traversal [Disputed]low🔒---
128396SuSE Repository Mirroring Tool YaST2 RMT Module Password improper authenticationlow🔒--🔒
128395QNAP Q'center Virtual Appliance cross site scripting [CVE-2018-0724]low🔒---
128394QNAP Q'center Virtual Appliance cross site scripting [CVE-2018-0723]low🔒---
128393Synology DiskStation Manager Log Exporter injection [CVE-2018-8920]medium🔒---
128392Synology DiskStation Manager SYNO.Core.Desktop.SessionData information disclosurelow🔒---
128391Synology Router Manager info.cgi cross site scriptinglow🔒---
128390Synology DiskStation Manager info.cgi cross site scriptinglow🔒---
128389IIoT Monitor XML Data xml external entity reference [CVE-2018-7837]medium🔒---
128388IIoT Monitor File Upload unrestricted upload [CVE-2018-7836]medium🔒---
128387IIoT Monitor path traversal [CVE-2018-7835]medium🔒---
128386Pro-face GP-Pro EX input validation [CVE-2018-7832]medium🔒---
128385EVLink Parking Web Interface sql injection [CVE-2018-7802]medium🔒---
128384EVLink Parking code injection [CVE-2018-7801]medium🔒---
128383EVLink Parking hard-coded credentials [CVE-2018-7800]medium🔒---
128382PowerSuite 2 memcpy memory corruptionmedium🔒---
128381FoxView HMI SCADA Credential Management credentials managementmedium🔒---
128380Telegram Secret Chat server-side request forgery [CVE-2018-20436]medium🔒---
128379c2p0 C3P0ConfigXmlUtils.java extractXmlConfigFromInputStream xml external entity referencemedium🔒--🔒
128378Foxit Quick PDF Library xref Entry DAOpenFileReadOnly memory corruptionmedium🔒---
128377Foxit Quick PDF Library xref Table DAOpenFileReadOnly memory corruptionmedium🔒---
128376Foxit Quick PDF Library Tree Structure LoadFromStream memory corruptionmedium🔒---
128375XMPlay m3u File memory corruption [CVE-2018-19357]medium🔒---
128374Epson WorkForce WF-2861 Web Service ROM1 input validationmedium🔒---
128373Epson WorkForce WF-2861 Web Service ROM1 input validationlow🔒---
128372Epson WorkForce WF-2861 SNMP Service Amplification input validationlow🔒---
128371Epson WorkForce WF-2861 Web Page BONJOUR input validationlow🔒---
128370Xiaomi Mi A1 Logcat 7pk security [CVE-2018-18698]low🔒---
128369Apache Tika SQLite3Parser resource consumption [CVE-2018-17197]medium🔒---
128368Cisco ASA Web Management Interface improper authorization [CVE-2018-15465]medium🔒--🔒
128367GNU Libextractor ole2_extractor.c process_metadata null pointer dereferencelow🔒--🔒
128366GNU Libextractor ole2_extractor.c history_extract out-of-bounds readmedium🔒--🔒
128365libming decompile.c getName null pointer dereferencelow🔒---
128364libming decompile.c strlenext null pointer dereferencelow🔒---
128363libming decompile.c getInt null pointer dereferencelow🔒---
128362libming decompile.c newVar3 null pointer dereferencelow🔒---
128361libming decompile.c pushdup null pointer dereferencelow🔒---
128360Discuz! DiscuzX WeChat Login plugin.php input validationlow🔒---
128359Discuz! DiscuzX WeChat Login plugin.php 7pk securitymedium🔒---
128358Discuz! DiscuzX WeChat Login plugin.php access controlmedium🔒---
128357Go Ethereum resource management [CVE-2018-20421]low🔒---
128356webERP Access Control Z_CreateCompanyTemplateFile.php access controllow🔒---
128355DouCo DouPHP cross-site request forgery [CVE-2018-20419]low🔒---
128354Craft CMS cross site scripting [CVE-2018-20418]low🔒---
128353WellinTech KingSCADA AlarmServer AEserver.exe memory corruptionmedium🔒---
128352Bento4 Ap4AvccAtom.cpp Create memory corruptionmedium🔒---
128351Bento4 Ap4StdCFileByteStream.cpp Create resource managementlow🔒---
128350Bento4 Ap4DescriptorFactory.cpp CreateDescriptorFromStream resource managementlow🔒---
128349Python _pickle.c integer overflowmedium🔒--🔒
128348BigTree CMS Path information disclosure [CVE-2018-20405]low🔒---
128347Safe Software FME Server access control [CVE-2018-20402]medium🔒---
128346Zoom 5352 Credentials credentials management [CVE-2018-20401]low🔒---
128345Ubee DVW2108/DVW2110 Credentials credentials management [CVE-2018-20400]low🔒---
128344Motorola SBG901/SBG941/SVG1202 Credentials credentials managementlow🔒---
128343Skyworth CM5100.g2 Credentials credentials management [CVE-2018-20398]low🔒---
128342mplus CBC383Z Credentials credentials management [CVE-2018-20397]low🔒---
128341NET&SYS MNG2120J/MNG6300 Credentials credentials management [CVE-2018-20396]low🔒---
128340Netwave MNG6200 Credentials credentials management [CVE-2018-20395]low🔒---
128339Thomson DWG849/DWG850-4/DWG855/TWG870 Credentials credentials managementlow🔒---
128338Technicolor TC7200.TH2v2 Credentials credentials management [CVE-2018-20393]low🔒---
128337S-A WebSTAR DPC2100 Credentials credentials management [CVE-2018-20392]low🔒---
128336TEKNOTEL CBW700N Credentials credentials management [CVE-2018-20391]low🔒---
128335Kaonmedia CG2001-AN22A/CG2001-UDBNA/CG2001-UN2NA Credentials credentials managementlow🔒---
128334D-Link DCM-604/DCM-704 Credentials credentials management [CVE-2018-20389]low🔒---
128333Comtrend CM-6200un/CM-6300n credentials management [CVE-2018-20388]low🔒---
128332Bnmux BCW700J/BCW710J/BCW710J2 Credentials credentials managementlow🔒---
128331Arris SBG6580-2 Credentials credentials management [CVE-2018-20386]low🔒---
128330CastleNet CBV38Z4EC/CBV38Z4ECNIT/CBW383G4J/CBW38G4J Credentials credentials managementlow🔒---
128329iNovo IB-8120-W21/IB-8120-W21E1 Credentials credentials managementlow🔒---
128328Arris DG950A/DG950S Credentials credentials management [CVE-2018-20383]low🔒---
128327Jiuzhou BCM93383WRG Credentials credentials management [CVE-2018-20382]low🔒---
128326Technicolor DPC2320 Credentials credentials management [CVE-2018-20381]low🔒---
128325Ambit DDW2600/DDW2602/T60C926/U10C019 Credentials credentials managementlow🔒---
128324Technicolor DPC3928SL cross site scripting [CVE-2018-20379]low🔒---
128323Orange Livebox Service Port 8080 get_getnetworkconf.cgi credentials managementmedium🔒---
128322Tiny C Compiler Source File Compiler tccasm.c asm_parse_directive out-of-bounds writemedium🔒---
128321Tiny C Compiler Source File Compiler tccgen.c sym_pop out-of-bounds writemedium🔒---
128320Tiny C Compiler Source File Compiler tccasm.c use_section1 out-of-bounds writemedium🔒---
128319Tenda ADSL Modem DHCP Client cross site scripting [CVE-2018-20373]low🔒---
128318TP-LINK TD-W8961ND DHCP Client cross site scripting [CVE-2018-20372]low🔒---
128317PhotoRange Photo Vault login.html__passwd1 credentials managementmedium🔒---
128316SZ NetChat Options Module cross site scripting [CVE-2018-20370]low🔒---
128315Barracuda Message Archiver Add_Update Module ldap_load_entry.cgi cross site scriptinglow🔒---
128314Master Slider Plugin admin-ajax.php cross site scriptinglow🔒---
128313WSTMart add.html Stored cross site scriptinglow🔒---
128312LibRaw libraw_cxx.cpp raw2image memory corruptionmedium🔒--🔒
128311LibRaw libraw_cxx.cpp copy_bayer null pointer dereferencelow🔒--🔒
128310LibRaw libraw_cxx.cpp raw2image null pointer dereferencelow🔒--🔒
128309Freeware Advanced Audio Decoder filtbank.c ifilter_bank null pointer dereferencelow🔒---
128308Freeware Advanced Audio Decoder sbr_hfadj.c hf_assembly memory corruptionlow🔒---
128307Freeware Advanced Audio Decoder sbr_dec.c sbr_process_channel memory corruptionlow🔒---
128306Freeware Advanced Audio Decoder sbr_dec.c sbrDecodeSingleFramePS memory corruptionlow🔒---
128305Freeware Advanced Audio Decoder lt_predict.c lt_prediction memory corruptionlow🔒---
128304Freeware Advanced Audio Decoder sbr_dec.c sbr_process_channel null pointer dereferencelow🔒---
128303Antiy AVL ATool Kernel Driver ssdt.sys memory corruptionmedium🔒---
1283021Password Error Log Credentials log filelow🔒---
128301SKCertService DLL access controlmedium🔒---
128300Hancom Office 2010/Office 2014/Office 2018/Office NEO Compound File memory corruptionmedium🔒---
128299ALZip LZH Archive memory corruption [CVE-2018-5196]medium🔒---
128298Evernote Markdown Stored cross site scriptinglow🔒---
128297igraph igraph_trie.c igraph_i_strdiff null pointer dereferencelow🔒---
128296libpff libpff_item_tree.c libpff_item_tree_create_node memory corruptionlow🔒---
128295SQLite FTS3 Extension integer overflow [CVE-2018-20346]medium🔒--🔒
128294StackStorm st2api keys access controlmedium🔒---
128293Floureon IP Camera SP012 UART Serial Interface access controlmedium🔒---
128292Danijar Hafner Definitions Package parser.py load command injectionmedium🔒---
128291LimeSurvey File Upload cross site scripting [CVE-2018-20322]low🔒---
128290TheHive Project Cortex Role.toString access controlmedium🔒---
128289Pulse Secure Access SA update.cgi access controllow🔒---
128288Gigabyte App Center GDrv Low-Level Driver access control [CVE-2018-19323]medium🔒---
128287Gigabyte App Center GPCIDrv/GDrv routine [CVE-2018-19322]medium🔒---
128286Gigabyte App Center GPCIDrv/GDrv access control [CVE-2018-19321]medium🔒---
128285Gigabyte App Center GDrv Low-Level Driver access control [CVE-2018-19320]medium🔒---
128284Trend Micro OfficeScan XG File Permission permission [CVE-2018-18332]medium🔒---
128283Trend Micro OfficeScan XG File Permission permission [CVE-2018-18331]medium🔒---
128282Trend Micro Dr. Safety for Android Address Bar input validationmedium🔒---
128281D-Link DIR-140L/DIR-640L dirary0.js Credentials credentials managementlow🔒---
128280D-Link DSL/DIR/DWR spaces.htm Credentials credentials managementlow🔒---
128279D-Link DSL-2770L atbox.htm Credentials credentials managementlow🔒---
128278Jenzabar cross site scripting [CVE-2018-16778]low🔒---
128277Zoho ManageEngine OpManager Alarms cross site scripting [CVE-2018-20339]low🔒---
128276Zoho ManageEngine OpManager Alarms sql injection [CVE-2018-20338]medium🔒---
128275LibRaw dcraw_common.cpp parse_makernote memory corruptionmedium🔒--🔒
128274OpenWebif Plugin Path path traversal [CVE-2018-20332]low🔒---
128273libjpeg-turbo tjLoadImage integer overflowmedium🔒--🔒
128272Chamilo LMS CoursesAndSessionsCatalog.class.php sql injectionmedium🔒---
128271Chamilo LMS group_view.php cross site scriptinglow🔒---
128270Chamilo LMS Gradebook Dependencies Tool gradebook_list.tpl cross site scriptinglow🔒---
128269BlackBerry Management Console cross-site request forgery [CVE-2018-8892]low🔒---
128268BlackBerry Management Console Stored cross site scripting [CVE-2018-8891]low🔒---
128267BlackBerry Management Console Stored cross site scripting [CVE-2018-8888]low🔒---
128266ZXCLOUD iRAI untrusted search path [CVE-2018-7365]low🔒---
128265McAfee Application Control Whitelist access control [CVE-2018-6669]medium🔒---
128264KMPlayer FLV File memory corruption [CVE-2018-5200]medium🔒---
128263Veraport G3 ALL Domain Validation input validation [CVE-2018-5199]medium🔒---
128262Veraport G3 ALL API race condition [CVE-2018-5198]medium🔒---
128261weixin-java-tools BaseWxPayResult.java getXmlDoc xml external entity referencemedium🔒---
128260QEMU pvrdma_dev_ring.c input validationlow🔒---
128259QEMU pvrdma_main.c uar_write null pointer dereferencelow🔒---
128258QEMU pvrdma_cmd.c create_qp resource managementlow🔒---
128257QEMU pvrdma_cmd.c create_qp_rings null pointer dereferencelow🔒---
128256QEMU rdma_backend.c out-of-bounds readmedium🔒---
128255IBM API Connect access control [CVE-2018-1973]medium🔒---
128254TRENDnet TEW-632BRP/TEW-673GRU apply.cgi memory corruptionmedium🔒---
128253TRENDnet TV-IP110WN/TV-IP121WN video.cgi memory corruptionmedium🔒---
128252TRENDnet TV-IP110WN/TV-IP121WN network.cgi memory corruptionmedium🔒---
128251TRENDnet TEW-673GRU apply.cgi start_arpping os command injectionmedium🔒---
128250Comparex Miss Marple Enterprise Edition Updater Service input validationmedium🔒---
128249Comparex Miss Marple Enterprise Edition hard-coded credentialsmedium🔒---
128248Artifex Ghostscript type conversion [CVE-2018-19134]medium🔒--🔒
128247Cscape POC File input validation [CVE-2018-19005]medium🔒---
128246Gigaset Maxwell Basic VoIP Password Verification credentials managementmedium🔒---
128245D-Link myDlink Baby App Credentials credentials management [CVE-2018-18767]medium🔒---
128244Keybase Command Line Client untrusted search path [CVE-2018-18629]low🔒---
128243D-Link DCS-825L input validation [CVE-2018-18442]low🔒---
128242D-Link DCS-936L info.cgi information disclosurelow🔒---
128241jco.ir Karma ContentPlaceHolder1_uxTitle ArchiveNews.aspx sql injectionmedium🔒---
128240MicroWorld Technologies eScan Agent Application MWAGENT.EXE access controlmedium🔒---
128239IBM API Connect MongoDB Connector input validation [CVE-2018-1784]medium🔒---
128238IBM Connect REST API improper authentication [CVE-2018-1778]medium🔒---
128237IBM Domino Command Line nsd.exe memory corruptionmedium🔒---
128236Elasticsearch Security Java Security Manager xml external entity referencemedium🔒--🔒
128235Kibana Console Plugin command injection [CVE-2018-17246]medium🔒--🔒
128234Kibana PDF Report Generator credentials management [CVE-2018-17245]medium🔒--🔒
128233Elasticsearch Security Active Directory information disclosuremedium🔒--🔒
128232IBM DataPower Gateways File System input validation [CVE-2018-1677]low🔒---
128231Kirby Password Recovery injection [CVE-2018-16627]medium🔒---
128230IBM DataPower Gateways cross-site request forgery [CVE-2018-1661]low🔒---
128229Logitech Harmony Hub command injection [CVE-2018-15723]medium🔒---
128228Logitech Harmony Hub os command injection [CVE-2018-15722]medium🔒---
128227Logitech Harmony Hub XMPP Server improper authentication [CVE-2018-15721]medium🔒---
128226Logitech Harmony Hub XMPP Server hard-coded credentials [CVE-2018-15720]medium🔒---
128225F5 BIG-IP AAM Convert Utility permission [CVE-2018-15331]medium🔒--🔒
128224F5 BIG-IP Traffic Management Microkernel Bomb input validationlow🔒--🔒
128223F5 BIG-IP TMUI command injection [CVE-2018-15329]medium🔒--🔒
128222Mondula Multi Step Form Plugin admin-ajax.php Stored cross site scriptinglow🔒---
128221Adrenalin ShiftEmployeeSearch.aspx Reflected cross site scriptinglow🔒---
128220Google Android use after free [CVE-2018-11988]low🔒---
128219Google Android Linux Kernel double free [CVE-2018-11987]low🔒---
128218Google Android Camera Subsystem memory corruption [CVE-2018-11986]medium🔒---
128217Google Android config [CVE-2018-11985]medium🔒---
128216Google Android DIAG Driver use after free [CVE-2018-11984]medium🔒---
128215Google Android Linux Kernel use after free [CVE-2018-11983]medium🔒---
128214Google Android Linux Kernel proptrigger.sh access controlmedium🔒---
128213Google Android Linux Kernel passwd access controllow🔒---
128212Google Android Camera JPEG Driver out-of-bounds read [CVE-2018-11963]medium🔒---
128211Google Android GNSS Config memory corruption [CVE-2018-11961]medium🔒---
128210Google Android SPS Driver use after free [CVE-2018-11960]medium🔒---
128209netatalk dsi_opensess.c out-of-bounds writemedium🔒--🔒
128208NASM stdscan.c memory corruptionmedium🔒---
128207PHKP phkp.php pgp_exec command injectionmedium🔒---
128206Vesta CP Password Reset index.php information disclosurelow🔒---
128205Elixir Plug Header Injection input validation [CVE-2018-1000883]medium🔒---
128204WebID getthumb.php path traversalmedium🔒---
128203Traccar Server ComputedAttributesHandler.java code injectionmedium🔒---
128202libarchive archive_read_support_format_warc.c warc_read double freelow🔒--🔒
128201libarchive archive_acl.c archive_acl_from_text_l null pointer dereferencelow🔒---
128200libarchive RAR Decoder archive_read_support_format_rar.c use after freemedium🔒--🔒
128199libarchive RAR Decoder archive_read_support_format_rar.c parse_codes double freelow🔒--🔒
128198GNU binutils bfd_canonicalize_dynamic_reloc integer overflowmedium🔒---
128197Berkeley Open Infrastructure for Network Computing BOINC Server Website Terms of Service Acceptance Page improper authenticationmedium🔒---
128196PHP Markdown Parser cross site scripting [CVE-2018-1000874]low🔒---
128195FasterXML Jackson jackson-databind input validation [CVE-2018-1000873]low🔒---
128194OpenKMIP PyKMIP resource management [CVE-2018-1000872]low🔒---
128193HotelDruid gestione_utenti.php sql injectionmedium🔒---
128192phpipam User Settings print-user.php cross site scriptinglow🔒---
128191phpipam item-add-submit.php sql injectionmedium🔒---
128190WebID user_login.php cross site scriptinglow🔒---
128189WebID Blind sql injection [CVE-2018-1000867]medium🔒---
128188phpipam cross site scripting [CVE-2018-1000860]low🔒---
128187GnuPG cross-site request forgery [CVE-2018-1000858]low🔒--🔒
128186log-user-session path traversalmedium🔒---
128185DomainMod cross site scripting [CVE-2018-1000856]low🔒---
128184easymon Firefox Reflected cross site scriptinglow🔒---
128183esigate XSLT injection [CVE-2018-1000854]medium🔒---
128182FreeRDP drdynvc_main.c drdynvc_process_capability_request resource managementmedium🔒--🔒
128181Copay Bitcoin Wallet Private Key Storage key management [CVE-2018-1000851]low🔒---
128180Square Retrofit path traversal [CVE-2018-1000850]medium🔒---
128179Alpine Linux Package Manager input validation [CVE-2018-1000849]medium🔒---
128178WampServer index.php cross site scriptinglow🔒---
128177FreshDNS Admin Interface cross site scripting [CVE-2018-1000847]low🔒---
128176FreshDNS index.php cross-site request forgerylow🔒---
128175Avahi avahi-daemon denial of service [CVE-2018-1000845]low🔒--🔒
128174Square Open Source Retrofit XML Data xml external entity referencemedium🔒---
128173Luigi API Endpoint 1870 cross-site request forgerylow🔒---
128172FatFreeCRM cross site scripting [CVE-2018-1000842]low🔒---
128171Zend.To verify.php cross site scriptinglow🔒---
128170Processing Foundation Processing XML Data loadXML xml external entity referencemedium🔒---
128169LH-HER File Upload unrestricted upload [CVE-2018-1000839]medium🔒---
128168Autopsy XML Parser xml external entity reference [CVE-2018-1000838]medium🔒---
128167UML Designer XML Parser xml external entity reference [CVE-2018-1000837]medium🔒---
128166bw-calendar-engine version XML Parser xml external entity referencemedium🔒---
128165KeePass XML Data xml external entity reference [CVE-2018-1000835]medium🔒---
128164Runelite XML Data xml external entity reference [CVE-2018-1000834]medium🔒---
128163ZoneMinder deserialization [CVE-2018-1000833]medium🔒---
128162ZoneMinder command injection [CVE-2018-1000832]medium🔒---
128161K9Mail XML Data xml external entity reference [CVE-2018-1000831]medium🔒---
128160XR3Player Playlist Parser xml external entity reference [CVE-2018-1000830]medium🔒---
128159Anyplace XML Data xml external entity reference [CVE-2018-1000829]medium🔒---
128158FrostWire XML Data Archiving Service xml external entity referencemedium🔒---
128157Ubilling deserialization [CVE-2018-1000827]medium🔒---
128156Microweber Admin Login cross site scripting [CVE-2018-1000826]low🔒---
128155FreeCol FreeColXMLReader Parser xml external entity referencemedium🔒---
128154MegaMek Object Stream Connection deserialization [CVE-2018-1000824]medium🔒---
128153Exist REST Server xml external entity reference [CVE-2018-1000823]medium🔒---
128152Codelib Fess GSA XML File Parser xml external entity referencemedium🔒---
128151MicroMathematics SMathStudio File xml external entity referencemedium🔒---
128150neo4j-contrib neo4j-apoc-procedures XML Parser xml external entity referencemedium🔒---
128149Asset Pipeline Plugin Access Control access control [CVE-2018-1000817]medium🔒---
128148Grafana Query Editor cross site scripting [CVE-2018-1000816]low🔒---
128147Brave content_settings_observer.cc AllowScript input validationmedium🔒---
128146aio-libs aiohttp-session NaClCookieStorage session expirationmedium🔒---
128145Backdrop CMS Class Name cross site scripting [CVE-2018-1000813]low🔒---
128144Ártica Soluciones Tecnológicas Integria IMS Password Recovery password_recovery.php password recoverymedium🔒---
128143Bludit Pages Editor unrestricted upload [CVE-2018-1000811]medium🔒---
128142knc read_packet resource consumptionlow🔒---
128141Google Android Synchronization msm_vb2 use after freemedium🔒---
128140Pulse Secure Virtual Traffic Manager information disclosure [CVE-2018-20307]low🔒---
128139Pulse Secure Virtual Traffic Manager Web Administration User Interface Stored cross site scriptinglow🔒---
128138Steve Pallen Coherence Registration input validation [CVE-2018-20301]medium🔒---
128137Microsoft Internet Explorer Scripting Engine JScript.dll memory corruptionmedium🔒--🔒
128136LibVNC File Transfer Extension use after free [CVE-2018-6307]medium🔒--🔒
128135D-Link DIR-816 A2 form2userconfig.cgi memory corruptionmedium🔒---
128134libexcel workbook.c wbook_addworksheet memory corruptionmedium🔒---
128133Gogs File Upload path.go path traversalmedium🔒---
128132Steve Pallen Xain cross site scripting [CVE-2018-20302]low🔒---
128131Empire CMS memberform.$fid.php code injectionmedium🔒---
128130Bosch Smart Home Camera Network Interface memory corruption [CVE-2018-20299]medium🔒---
128129S3 Browser XML Data xml external entity reference [CVE-2018-20298]medium🔒---
128128Two-Factor-Authentication Plugin cross-site request forgery [CVE-2018-20231]low🔒---
128127PSPP pspp-dump-sav.c read_bytes_internal memory corruptionmedium🔒---
128126SubSonic internetRadioSettings.view cross-site request forgerylow🔒---
128125RDF4j path traversal [CVE-2018-20227]medium🔒---
128124LibVNC Client null pointer dereference [CVE-2018-20024]low🔒--🔒
128123LibVNC Client information disclosure [CVE-2018-20023]medium🔒--🔒
128122LibVNC Client information disclosure [CVE-2018-20022]medium🔒--🔒
128121LibVNC Client resource consumption [CVE-2018-20021]low🔒--🔒
128120LibVNC out-of-bounds write [CVE-2018-20020]medium🔒--🔒
128119LibVNC out-of-bounds write [CVE-2018-20019]medium🔒--🔒
128118Statamic Add New users cross site scriptinglow🔒---
128117CMS Made Simple File Upload cross site scripting [CVE-2018-19597]low🔒---
128116Zurmo Report cross site scripting [CVE-2018-19596]low🔒---
128115cmsimple File Upload cross site scripting [CVE-2018-19508]low🔒---
128114cmsimple ?file=config&action=array cross site scriptinglow🔒---
128113Zurmo Reports cross site scripting [CVE-2018-19506]low🔒---
128112Advantech WebAccess SCADA input validation [CVE-2018-18999]medium🔒---
128111Apache NiFi Template Upload cross-site request forgery [CVE-2018-17195]low🔒---
128110Apache NiFi Cluster input validation [CVE-2018-17194]medium🔒---
128109Apache NiFi Error Page message-page.jsp Reflected cross site scriptinglow🔒---
128108Apache NiFi X-Frame-Options Header input validation [CVE-2018-17192]medium🔒---
128107sssd Configuration Parameter information disclosure [CVE-2018-16883]low🔒---
128106Spring Security JWT Issuer Validation insufficient verification of data authenticitymedium🔒---
128105Pivotal Concourse Login Flow redirect [CVE-2018-15798]medium🔒---
128104LibVNC File Transfer Extension out-of-bounds write [CVE-2018-15127]medium🔒--🔒
128103LibVNC File Transfer Extension use after free [CVE-2018-15126]medium🔒--🔒
128102Apache Oozie Workflow Impersonation input validationmedium🔒---
128101VMware vRealize Operations access control [CVE-2018-6978]medium🔒--🔒
128100Webroot BrightCloud SDK HTTP Client certificate validation [CVE-2018-4015]medium🔒---
128099libexcel workbook.c wbook_addworksheet memory corruptionmedium🔒---
128098Espruino JS File jsflash.c jsfNameFromString memory corruptionmedium🔒---
128097Freeware Advanced Audio Decoder filtbank.c ifilter_bank null pointer dereferencelow🔒---
128096Freeware Advanced Audio Decoder filtbank.c ifilter_bank null pointer dereferencelow🔒---
128095Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruptionmedium🔒---
128094Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruptionmedium🔒---
128093Freeware Advanced Audio Decoder ic_predict.c ic_predict null pointer dereferencelow🔒---
128092Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruptionmedium🔒---
128091Artica Integria IMS lista_usuarios cross-site request forgerylow🔒---
128090Symfony Login Form redirect [CVE-2018-19790]medium🔒--🔒
128089Symfony __toString unrestricted uploadlow🔒--🔒
128088DriverAgent IOCTL Call DrvAgent64.sys input validationmedium🔒---
128087PHP Server Monitor cross-site request forgery [CVE-2018-18921]low🔒---
128086IBM Event Streams API input validation [CVE-2018-1833]medium🔒---
128085D-Link DVA-5592 Control Panel login improper authenticationmedium🔒---
128084Linux Kernel NFS41+ Subsystem bc_svc_process use after freemedium🔒--🔒
128083ARM Trusted Firmware Register information disclosure [CVE-2017-15031]low🔒---
128082Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server unusual conditionlow🔒---
128081Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server information disclosurelow🔒---
128080Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server redirectmedium🔒---
128079Schneider Electric Power Monitoring Expert URL redirect [CVE-2018-7797]medium🔒---
128078LibSass eval.cpp Supports_Operator*) null pointer dereferencelow🔒---
128077GraphicsMagick dib File dib.c ReadDIBImage input validationlow🔒--🔒
128076Fuel CMS cross-site request forgery [CVE-2018-20188]low🔒---
128075Bento4 Ap4Sample.cpp ReadData resource consumptionlow🔒---
128074GraphicsMagick bmp.c ReadBMPImage out-of-bounds readmedium🔒--🔒
128073GraphicsMagick tga.c WriteTGAImage memory corruptionmedium🔒--🔒
128072Nagios XI magpie_slashbox.php cross site scriptinglow🔒---
128071Nagios XI magpie_simple.php cross site scriptinglow🔒---
128070ymlref code injection [CVE-2018-20133]medium🔒---
128069QEMU pvrdma_main.c pvrdma_realize resource managementlow🔒---
128068PTC ThingWorx Platform ZIP File path traversal [CVE-2018-20092]medium🔒---
128067Pylearn2 yaml_parse.load code injectionmedium🔒---
128066YARA exec.c information disclosurelow🔒---
128065YARA exec.c out-of-bounds readmedium🔒---
128064YARA exec.c Address information disclosurelow🔒---
128063PrinterOn Enterprise File input validation [CVE-2018-19936]low🔒---
128062Bolt CMS Text Input Click Preview cross site scripting [CVE-2018-19933]low🔒---
128061Artica Integria IMS cross site scripting [CVE-2018-19828]low🔒---
128060InfoVista VistaPortal SE SharedCriteria.jsp Reflected cross site scriptinglow🔒---
128059InfoVista VistaPortal SE SecurityPolicies.jsp Reflected cross site scriptinglow🔒---
128058InfoVista VistaPortal SE Roles.jsp Reflected cross site scriptinglow🔒---
128057InfoVista VistaPortal SE Rights.jsp Reflected cross site scriptinglow🔒---
128056InfoVista VistaPortal SE Contacts.jsp Reflected cross site scriptinglow🔒---
128055InfoVista VistaPortal SE AdminAuthorisationFrame.jsp Reflected cross site scriptinglow🔒---
128054InfoVista VistaPortal SE ChooseCategory.jsp Reflected cross site scriptinglow🔒---
128053InfoVista VistaPortal SE UserPopupAddNewProp.jsp Reflected cross site scriptinglow🔒---
128052InfoVista VistaPortal SE Subscriptions.jsp Reflected cross site scriptinglow🔒---
128051InfoVista VistaPortal SE Subscribers.jsp Reflected cross site scriptinglow🔒---
128050InfoVista VistaPortal SE SubFolderPackages.jsp Reflected cross site scriptinglow🔒---
128049InfoVista VistaPortal SE Import.jsp Reflected cross site scriptinglow🔒---
128048InfoVista VistaPortal SE GroupMove.jsp Reflected cross site scriptinglow🔒---
128047InfoVista VistaPortal SE GroupCopy.jsp Reflected cross site scriptinglow🔒---
128046InfoVista VistaPortal SE Variables.jsp Reflected cross site scriptinglow🔒---
128045InfoVista VistaPortal SE PresentSpace.jsp Reflected cross site scriptinglow🔒---
128044InfoVista VistaPortal SE EditCurrentUser.jsp Reflected cross site scriptinglow🔒---
128043InfoVista VistaPortal SE EditCurrentPresentSpace.jsp Reflected cross site scriptinglow🔒---
128042InfoVista VistaPortal SE EditCurrentPool.jsp Reflected cross site scriptinglow🔒---
128041InfoVista VistaPortal SE Users.jsp Reflected cross site scriptinglow🔒---
128040InfoVista VistaPortal SE UserProperties.jsp Reflected cross site scriptinglow🔒---
128039InfoVista VistaPortal SE SubPagePackages.jsp cross site scriptinglow🔒---
128038InfoVista VistaPortal SE PresentSpace.jsp Reflected cross site scriptinglow🔒---
128037InfoVista VistaPortal SE GroupRessourceAdmin.jsp Reflected cross site scriptinglow🔒---
128036InfoVista VistaPortal SE EditCurrentPresentSpace.jsp Reflected cross site scriptinglow🔒---
128035InfoVista VistaPortal SE RolePermissions.jsp Reflected cross site scriptinglow🔒---
128034Sylabs Singularity input validation [CVE-2018-19295]medium🔒--🔒
128033Bosch IP Camera Network Interface memory corruption [CVE-2018-19036]medium🔒---
128032IBM Security Guardium Web UI cross site scripting [CVE-2018-1891]low🔒---
128031IBM Security Guardium Web UI cross site scripting [CVE-2018-1889]low🔒---
128030VyOS Default Configuration pppd access controlmedium🔒---
128029VyOS Sandbox access control [CVE-2018-18555]medium🔒---
128028Icinga Web 2 Navigation Dashlet input validation [CVE-2018-18250]low🔒---
128027Icinga Web 2 add code injectionmedium🔒---
128026Icinga Web 2 services cross site scriptinglow🔒---
128025Icinga Web 2 add cross site scriptinglow🔒---
128024Icinga Web 2 cross-site request forgery [CVE-2018-18246]low🔒---
128023Nagios Plugin Result cross site scripting [CVE-2018-18245]low🔒--🔒
128022Swisscom Internet Box Light LAN UPnP Service memory corruptionmedium🔒---
128021Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_pcie.c dhd_bus_flow_ring_create_response memory corruptionmedium🔒---
128020Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_pcie.c dhd_bus_flow_ring_flush_response memory corruptionmedium🔒---
128019Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_pcie.c dhd_bus_flow_ring_delete_response memory corruptionmedium🔒---
128018Samsung Galaxy S6 Wi-Fi Driver dhd_msgbuf.c dhd_prot_txdata_write_flush null pointer dereferencelow🔒---
128017Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_linux.c dhd_rx_frame memory corruptionmedium🔒---
128016IBM Security Guardium Database Activity Monitor 7pk securitylow🔒---
128015IBM Security Guardium URL information disclosure [CVE-2017-1272]low🔒---
128014IBM Security Guardium Certificate Validation certificate validationmedium🔒---
128013Zoho ManageEngine OpManager getGraphData API sql injection [CVE-2018-20173]medium🔒---
128012OpenStack Keystone POST Request tokens Username information disclosurelow🔒---
128011Linux Kernel USB Subsystem usb.c __usb_get_extra_descriptor resource consumptionmedium🔒--🔒
128010Rendertron node_modules information disclosure [CVE-2017-18355]low🔒---
128009Rendertron Protocol path traversal [CVE-2017-18354]low🔒---
128008Rendertron access control [CVE-2017-18353]low🔒---
128007Rendertron Error Reporting Reflected cross site scriptinglow🔒---
128006Google gVisor Pagetable input validation [CVE-2018-20168]low🔒---
128005Terminology applications handle_unknown_media injectionmedium🔒--🔒
128004BlinkForHome Sync Module Clip 7pk security [CVE-2018-20161]low🔒---
128003i-doit open File Upload input validation [CVE-2018-20159]medium🔒---
128002OpenRefine XML Data xml external entity reference [CVE-2018-20157]medium🔒---
128001WP Maintenance Mode Plugin input validation [CVE-2018-20156]medium🔒---
128000WP Maintenance Mode Plugin Access Restriction access controlmedium🔒---
127999WP Maintenance Mode Plugin Email information disclosure [CVE-2018-20154]low🔒---
127998WordPress Comment cross site scripting [CVE-2018-20153]low🔒--🔒
127997WordPress Post Type input validation [CVE-2018-20152]medium🔒--🔒
127996WordPress User-Activation Page Email information disclosurelow🔒--🔒
127995WordPress Plugin cross site scripting [CVE-2018-20150]low🔒--🔒
127994WordPress MIME Restriction cross site scripting [CVE-2018-20149]low🔒--🔒
127993WordPress Metadata deserialization [CVE-2018-20148]medium🔒--🔒
127992WordPress Metanet Data Delete access controlmedium🔒--🔒
127991IBM DB2 input validation [CVE-2018-1977]low🔒---
127990Sonarsource SonarQube API information disclosure [CVE-2018-19413]low🔒---
127989Geutebrueck E2 Camera DNS Configuration os command injectionmedium🔒---
127988GE Mark VIe path traversal [CVE-2018-19003]medium🔒---
127987Medtronic CareLink 9790 Programmer 29901 cryptographic issuesmedium🔒---
127986IBM Business Automation Workflow Web UI cross site scriptinglow🔒---
127985Ricoh myPrint WSDL API hard-coded credentials [CVE-2018-18006]medium🔒---
127984Google Go crypto-x509 Package certificate validation [CVE-2018-16875]low🔒--🔒
127983Google Go Command path traversal [CVE-2018-16874]medium🔒--🔒
127982Google Go Command input validation [CVE-2018-16873]medium🔒--🔒
127981Apache OFBiz HTTP Engine httpService information disclosuremedium🔒---
127980Micro Focus Fortify Software Security Center improper authorizationmedium🔒---
127979Micro Focus Fortify Software Security Center improper authorizationmedium🔒---
127978McAfee Agent resource consumption [CVE-2018-6707]medium🔒---
127977Pixar Tractor software Stored cross site scripting [CVE-2018-5411]low🔒---
127976Intel System Defense Utility Permission access control [CVE-2018-3705]medium🔒---
127975Intel Parallel Studio XE Permission access control [CVE-2018-3704]medium🔒---
127974Eclipse Mosquitto ACL 7pk security [CVE-2018-20145]medium🔒--🔒
127973PHP Scripts Mall Entrepreneur B2B Script Account Settings Stored cross site scriptinglow🔒---
127972Fuel CMS cross site scripting [CVE-2018-20137]low🔒---
127971Fuel CMS Page Creation cross site scripting [CVE-2018-20136]low🔒---
127970QEMU 9p.c v9fs_wstat race conditionlow🔒--🔒
127969Oracle Secure Global Desktop helpwindow.jsp Reflected cross site scriptinglow🔒---
127968QEMU cofile.c use after freemedium🔒--🔒
127967Zoho ManageEngine ADAudit memory corruption [CVE-2018-19118]medium🔒---
127966Grafana information disclosure [CVE-2018-19039]medium🔒---
127965Abisoft Ticketly addproject.php description sql injectionmedium🔒---
127964Abisoft Ticketly add_user.php add_user access controlmedium🔒---
127963IBM Security Access Manager Appliance hard-coded credentialsmedium🔒---
127962IBM Security Access Manager Appliance information disclosurelow🔒---
127961IBM Operational Decision Management XML Data xml external entity referencemedium🔒---
127960IBM Security Guardium hard-coded credentials [CVE-2018-1818]medium🔒---
127959IBM Security Guardium Web UI cross site scripting [CVE-2018-1817]low🔒---
127958IBM Security Access Manager Appliance Web UI cross site scriptinglow🔒---
127957IBM Security Access Manager Appliance inadequate encryption [CVE-2018-1814]medium🔒---
127956IBM Security Access Manager Appliance Blacklist access controlmedium🔒---
127955Intel Solid State Drive Toolbox Directory Permission access controlmedium🔒---
127954Intel QuickAssist Technology for Linux memory corruption [CVE-2018-18096]low🔒---
127953Intel VTune Amplifier File Permission access control [CVE-2018-18093]medium🔒---
127952IBM Security Access Manager Appliance Error Message information disclosurelow🔒---
127951IBM Security Access Manager Appliance Session session fixiationmedium🔒---
127950IBM Security Access Manager Appliance input validation [CVE-2018-1803]medium🔒---
127949IBM Security Access Manager Appliance Web UI cross site scriptinglow🔒---
127948QEMU Media Transfer Protocol usb_mtp_get_partial_object input validationmedium🔒---
127947IBM DataPower Gateway Web UI cross site scripting [CVE-2018-1667]low🔒---
127946IBM DataPower Gateway inadequate encryption [CVE-2018-1665]medium🔒---
127945Siemens SIMATIC S7-410 Service Port 102 input validation [CVE-2018-16557]medium🔒---
127944Siemens SIMATIC S7-410 Service Port 102 input validation [CVE-2018-16556]medium🔒---
127943Siemens SCALANCE S602 Integrated Web Server cross site scriptinglow🔒---
127942IBM Security Access Manager Appliance Web UI cross site scriptinglow🔒---
127941Dell EMC iDRAC7/iDRAC8 Error 7pk error [CVE-2018-15776]medium🔒--🔒
127940Dell EMC iDRAC7/iDRAC8/iDRAC9 Redfish Interface access controlmedium🔒--🔒
127939Cloud Foundry UAA Authorization credentials management [CVE-2018-15754]medium🔒---
127938Katello API sql injection [CVE-2018-14623]medium🔒---
127937Siemens SIMATIC S7-1200 Connection resource consumption [CVE-2018-13815]low🔒---
127936Siemens SIMATIC HMI Comfort Panel Webserver Header Injection input validationmedium🔒---
127935Siemens SIMATIC HMI Comfort Panel Webserver redirect [CVE-2018-13813]medium🔒---
127934Siemens SIMATIC HMI Comfort Panel Security Vulnerability MP path traversalmedium🔒---
127933Siemens SIMATIC Step 7 Password Hash information disclosure [CVE-2018-13811]medium🔒---
127932Siemens SIMATIC IT LMS improper authentication [CVE-2018-13804]medium🔒---
127931Intel QuickAssist Technology for Linux Hardware Access memory corruptionlow🔒---
127930Avanti Markets MarketCard UPC Bar information disclosure [CVE-2018-12076]medium🔒---
127929IBM Security Guardium Password Storage Salt cryptographic issuesmedium🔒---
127928DeDeCMS select_images_post.php code injectionmedium🔒---
127927UsualToolCMS a_sqlback.php backname[] path traversalmedium🔒---
127926zzzphp CMS save.php del_file input validationlow🔒---
127925Microsoft SharePoint Enterprise Server cross site scripting [CVE-2018-8650]low🔒--🔒
127924McAfee Agent Installation Temporary access controlmedium🔒---
127923McAfee Agent access control [CVE-2018-6705]medium🔒---
127922McAfee Agent access control [CVE-2018-6704]medium🔒---
127921HAProxy dns.c infinite looplow🔒--🔒
127920HAProxy dns.c dns_validate_dns_response out-of-bounds readmedium🔒--🔒
127919Import Users from CSV with Meta Plugin Cell cross site scriptinglow🔒---
127918Exiv2 jp2image.cpp encodeJp2Header input validationlow🔒---
127917Exiv2 jp2image.cpp encodeJp2Header memory corruptionmedium🔒---
127916Exiv2 tiffimage_int.cpp findPrimaryGroups memory corruptionmedium🔒---
127915Exiv2 pngimage.cpp tEXtToDataBuf memory corruptionmedium🔒---
127914Bento4 Ap4Array.h EnsureCapacity resource managementlow🔒---
127913XXL-CONF PropUtil.java path traversalmedium🔒---
127912IBM WebSphere Application Server Admin Console cross-site request forgerylow🔒---
127911IBM WebSphere Application Server access control [CVE-2018-1901]medium🔒---
127910Linux Kernel Access Control userfaultfd.c privileges managementmedium🔒--🔒
127909eDirectory cross site scripting [CVE-2018-17952]low🔒---
127908eDirectory Authorization authorization [CVE-2018-17950]medium🔒---
127907iManager cross site scripting [CVE-2018-17949]low🔒---
127906QEMU Media Transfer Protocol dev-mtp.c usb_mtp_write_data path traversalmedium🔒---
127905Open Dental MySQL Database credentials management [CVE-2018-15719]medium🔒---
127904Open Dental information disclosure [CVE-2018-15718]medium🔒---
127903Open Dental Password Storage MD5 credentials managementmedium🔒---
127902F5 BIG-IP/Enterprise Manager/BIG-IQ/iWorkflow SNMPv3 Passphrase information disclosurelow🔒--🔒
127901IBM BigFix Platform session fixiation [CVE-2018-1485]medium🔒--🔒
127900IBM BigFix Platform Cookie session fixiation [CVE-2018-1484]low🔒--🔒
127899IBM BigFix Platform URL information disclosure [CVE-2018-1481]low🔒--🔒
127898IBM BigFix Platform Cookie httponly session fixiationlow🔒--🔒
127897IBM BigFix Platform input validation [CVE-2018-1478]low🔒--🔒
127896IBM BigFix Platform information disclosure [CVE-2018-1476]low🔒--🔒
127895IBM BigFix Platform HTTP Response Splitting response splittingmedium🔒--🔒
127894Siemens TIM 1531 IRC Service Port 102 improper authenticationmedium🔒---
127893Siemens SINUMERIK 828D/SINUMERIK 840D sl Security Vulnerability tcp access controllow🔒---
127892Siemens SINUMERIK 828D/SINUMERIK 840D sl IOCTL Call out-of-bounds readmedium🔒---
127891Siemens SINUMERIK 828D/SINUMERIK 840D sl VNC Server access controllow🔒---
127890Siemens SINUMERIK 828D/SINUMERIK 840D sl Service Command Application memory corruptionmedium🔒---
127889Siemens SINUMERIK 828D/SINUMERIK 840D sl access control [CVE-2018-11462]medium🔒---
127888Siemens SINUMERIK 828D/SINUMERIK 840D sl Service Command Application access controlmedium🔒---
127887Siemens SINUMERIK 828D/SINUMERIK 840D sl CRAMFS Archive access controlmedium🔒---
127886Siemens SINUMERIK 828D/SINUMERIK 840D sl access control [CVE-2018-11459]medium🔒---
127885Siemens SINUMERIK 828D/SINUMERIK 840D sl Firewall Configuration tcp access controlmedium🔒---
127884Siemens SINUMERIK 828D/SINUMERIK 840D sl Web Server access controlmedium🔒---
127883Microsoft Azure Pack Rollup cross site scripting [CVE-2018-8652]low🔒---
127882Microsoft Dynamics NAV cross site scripting [CVE-2018-8651]low🔒---
127881Microsoft Windows memory corruption [CVE-2018-8649]medium🔒--🔒
127880Microsoft Windows Win32k access control [CVE-2018-8641]medium🔒--🔒
127879McAfee Agent Common Service use after free [CVE-2018-6703]low🔒---
127878SAP Commerce cross site scripting [CVE-2018-2505]low🔒---
127877SAP NetWeaver AS JAVA Web Container cross site scripting [CVE-2018-2504]low🔒---
127876SAP NetWeaver AS JAVA KeyStore Service improper authorizationmedium🔒---
127875SAP Business One Service Layer Trace cross site scripting [CVE-2018-2502]medium🔒---
127874SAP Mobile Secure Android Application information disclosurelow🔒---
127873SAP HANA Security Audit Log input validation [CVE-2018-2497]low🔒---
127872SAP NetWeaver Basis AS ABAP authorization [CVE-2018-2494]medium🔒---
127871SAP NetWeaver AS JAVA SAML 2.0 input validation [CVE-2018-2492]medium🔒---
127870SAP Marketing cross site scripting [CVE-2018-2486]low🔒---
127869doorGets theme_content_nofi path traversalmedium🔒---
127868NoneCms App.php input validation [CVE-2018-20062]medium🔒---
127867ERPNext sql injection [CVE-2018-20061]medium🔒---
127866urllib3 Authorization HTTP Header Credentials credentials managementlow🔒---
127865phpMyAdmin Navigation Tree cross site scripting [CVE-2018-19970]low🔒--🔒
127864phpMyAdmin cross-site request forgery [CVE-2018-19969]low🔒--🔒
127863phpMyAdmin information disclosure [CVE-2018-19968]low🔒--🔒
127862IBM WebSphere Application Server Java deserialization [CVE-2018-1904]medium🔒---
127861IBM Curam Social Program Management Web UI cross site scriptinglow🔒---
127860TIBCO Managed File Transfer Command Center Privileges credentials managementmedium🔒---
127859Google Chrome v8 Reflect.construct out-of-bounds readmedium🔒--🔒
127858Google Chrome WPAD File input validation [CVE-2018-18358]medium🔒--🔒
127857Google Chrome URL Formatter Address input validationmedium🔒--🔒
127856Google Chrome Skia integer overflow [CVE-2018-18356]medium🔒--🔒
127855Google Chrome URL Formatter Address input validationmedium🔒--🔒
127854Google Chrome Shell input validation [CVE-2018-18354]medium🔒--🔒
127853Google Chrome Network Authentication source code [CVE-2018-18353]medium🔒--🔒
127852Google Chrome Media access control [CVE-2018-18352]medium🔒--🔒
127851Google Chrome Navigation Cookie input validationmedium🔒--🔒
127850Google Chrome Blink CSP data processingmedium🔒--🔒
127849Google Chrome Blink access control [CVE-2018-18349]medium🔒--🔒
127848Google Chrome Omnibox Address input validationmedium🔒--🔒
127847Google Chrome Navigation Javascript input validationmedium🔒--🔒
127846Google Chrome Blink input validation [CVE-2018-18346]medium🔒--🔒
127845Google Chrome Site Isolation 7pk security [CVE-2018-18345]medium🔒--🔒
127844Google Chrome Extensions setDownloadBehavior input validationmedium🔒--🔒
127843Google Chrome Skia use after free [CVE-2018-18343]medium🔒--🔒
127842Google Chrome v8 deserialization [CVE-2018-18342]medium🔒--🔒
127841Google Chrome Blink integer overflow [CVE-2018-18341]medium🔒--🔒
127840Google Chrome MediaRecorder memory corruption [CVE-2018-18340]medium🔒--🔒
127839Google Chrome WebAudio memory corruption [CVE-2018-18339]medium🔒--🔒
127838Google Chrome Canvas memory corruption [CVE-2018-18338]medium🔒--🔒
127837Google Chrome Blink use after free [CVE-2018-18337]medium🔒--🔒
127836Google Chrome PDFium use after free [CVE-2018-18336]medium🔒--🔒
127835Google Chrome Skia memory corruption [CVE-2018-18335]medium🔒--🔒
127834Google Chrome PDFium use after free [CVE-2018-17481]medium🔒--🔒
127833Google Chrome v8 out-of-bounds write [CVE-2018-17480]medium🔒--🔒
127832IBM Curam Social Program Management redirect [CVE-2018-1654]medium🔒---
127831IBM DataPower Gateway/MQ Appliance input validation [CVE-2018-1652]low🔒---
127830Palo Alto Expedition Migration Tool access control [CVE-2018-10143]medium🔒---
127829Microsoft Internet Explorer Scripting Engine memory corruptionmedium🔒--🔒
127828Microsoft Windows Win32k access control [CVE-2018-8639]medium🔒--🔒
127827Microsoft Windows DirectX information disclosure [CVE-2018-8638]low🔒--🔒
127826Microsoft Windows Win32k information disclosure [CVE-2018-8637]medium🔒--🔒
127825Microsoft SharePoint Enterprise Server access control [CVE-2018-8635]medium🔒--🔒
127824Microsoft Excel information disclosure [CVE-2018-8627]medium🔒--🔒
127823Microsoft Windows Kernel information disclosure [CVE-2018-8622]low🔒--🔒
127822Microsoft Windows Kernel information disclosure [CVE-2018-8621]low🔒--🔒
127821Microsoft Windows Connected User Experiences/Telemetry Service input validationlow🔒--🔒
127820Microsoft Windows Kernel access control [CVE-2018-8611]medium🔒--🔒
127819Microsoft Exchange Server Profile Data data processing [CVE-2018-8604]medium🔒--🔒
127818Microsoft Windows Diagnostics Hub Standard Collector Service dropped privilegesmedium🔒--🔒
127817Microsoft Excel information disclosure [CVE-2018-8598]low🔒--🔒
127816Microsoft Windows GDI information disclosure [CVE-2018-8596]low🔒--🔒
127815Microsoft Windows GDI information disclosure [CVE-2018-8595]low🔒--🔒
127814Microsoft SharePoint Enterprise Server Search information disclosurelow🔒--🔒
127813Microsoft .NET Framework input validation [CVE-2018-8517]low🔒--🔒
127812Microsoft Windows Remote Procedure Call information disclosurelow🔒--🔒
127811Microsoft Windows Kernel information disclosure [CVE-2018-8477]low🔒--🔒
127810Microsoft Internet Explorer Scripting Engine memory corruptionmedium🔒--🔒
127809Microsoft PowerPoint memory corruption [CVE-2018-8628]medium🔒--🔒
127808Microsoft Internet Explorer VBScript Engine memory corruptionmedium🔒--🔒
127807Microsoft Internet Explorer VBScript memory corruption [CVE-2018-8619]medium🔒--🔒
127806Microsoft Outlook memory corruption [CVE-2018-8587]medium🔒--🔒
127805Microsoft Excel memory corruption [CVE-2018-8636]medium🔒--🔒
127804Microsoft Excel memory corruption [CVE-2018-8597]medium🔒--🔒
127803Microsoft Windows Text-To-Speech memory corruption [CVE-2018-8634]medium🔒--🔒
127802Microsoft Internet Explorer memory corruption [CVE-2018-8631]medium🔒--🔒
127801Microsoft Windows DNS Server memory corruption [CVE-2018-8626]high🔒--🔒
127800Microsoft .NET Framework input validation [CVE-2018-8540]medium🔒--🔒
127799Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
127798Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
127797Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
127796Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
127795Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
127794Pippo JaxbEngine.java xml external entity referencemedium🔒---
127793Evernote Attachment Preview path traversal [CVE-2018-20058]low🔒---
127792D-Link DIR-605L/DIR-619L boa os command injectionmedium🔒---
127791D-Link DIR-605L/DIR-619L boa memory corruptionmedium🔒---
127790Signal Messenger Disappearing Messages information disclosurelow🔒---
127789Jooan JA-Q1H Wi-Fi Camera GetStreamUri data processinglow🔒---
127788Jooan JA-Q1H Wi-Fi Camera GetVideoEncoderConfigurationOptions data processinglow🔒---
127787NoMachine DokanFS nxfs.sys memory corruptionlow🔒---
127786IBM WebSphere Application Server API httpServletRequest#authenticate information disclosurelow🔒---
127785IBM Curam Social Program Management code injection [CVE-2018-1671]low🔒---
127784Nucleus CMS index.php input validationlow🔒---
127783BlackCat CMS cross site scripting [CVE-2018-16635]low🔒---
127782AccuSoft PrizmDoc HTML5 Document Viewer XML Data xml external entity referencemedium🔒---
127781Cloud Foundry Bits Service Signing Key information disclosurelow🔒---
127780Pivotal RabbitMQ Cookie 7pk security [CVE-2018-1279]low🔒---
127779Groovy Plugin Sandbox SandboxTransformer.java privileges managementmedium🔒---
127778Script Security Plugin Sandbox SandboxTransformer.java privileges managementmedium🔒---
127777Jenkins CronTab.java access controllow🔒--🔒
127776Jenkins Logging User.java path traversallow🔒--🔒
127775Jenkins DirectoryBrowserSupport.java information disclosurelow🔒--🔒
IDTitleVulDBCVSSSecuniaXForceNessus
127774Jenkins Stapler Web Framework MetaClass.java deserializationmedium🔒--🔒
127773Qualcomm Snapdragon Mobile/Snapdragon Wear Trusted Application ID Generator integer overflowmedium🔒---
127772S-Cms sql injection [CVE-2018-20018]medium🔒---
127771SEMCMS SEMCMS_Main.php cross site scriptinglow🔒---
127770YzmCMS add.html cross-site request forgerylow🔒---
127769PHPCMF cross site scripting [CVE-2018-20012]low🔒---
127768DomainMod category.php cross site scriptinglow🔒---
127767DomainMod ssl-provider-account.php cross site scriptinglow🔒---
127766DomainMod ssl-provider.php cross site scriptinglow🔒---
127765PHPOK Stored cross site scripting [CVE-2018-20006]low🔒---
127764Mini-XML mxml-search.c mxmlWalkNext use after freemedium🔒---
127763Mini-XML mxml-file.c mxml_write_node memory corruptionmedium🔒--🔒
127762GNU binutils libbfd syms.c _bfd_generic_read_minisymbols resource managementlow🔒---
127761libav apedec.c range_decode_culshift input validationlow🔒---
127760Apereo Bedework bw-webdav XML Data MethodBase.java xml external entity referencemedium🔒---
127759VeryNginx Web Application Firewall 7pk security [CVE-2018-19991]medium🔒---
127758Sigma Design Z-Wave S0/Z-Wave S1/Z-Wave S2 random values [CVE-2018-19983]low🔒---
127757KT MC01507L Z-Wave S0 HPKP certificate validation [CVE-2018-19982]medium🔒---
127756Hashicorp Consul Agent-to-Agent RPC Communication cryptographic issuesmedium🔒---
127755Anker Nebula Capsule Pro WifiService input validation [CVE-2018-19980]low🔒---
127754Google Android ixheaacd_adts_crc_check.c ixheaacd_adts_crc_start_reg out-of-bounds writemedium🔒---
127753Google Android impd_drc_static_payload.c impd_parametric_drc_parse_gain_set_params out-of-bounds writemedium🔒---
127752Google Android impd_drc_static_payload.c impd_parse_parametric_drc_instructions out-of-bounds writemedium🔒---
127751Google Android impd_drc_static_payload.c impd_parse_dwnmix_instructions out-of-bounds writemedium🔒---
127750Google Android impd_drc_static_payload.c impd_parse_split_drc_characteristic out-of-bounds writemedium🔒---
127749Google Android impd_drc_dynamic_payload.c impd_parse_filt_block out-of-bounds writemedium🔒---
127748Google Android impd_drc_static_payload.c impd_drc_parse_coeff out-of-bounds writemedium🔒---
127747Google Android impd_drc_dynamic_payload.c impd_parse_loud_eq_instructions out-of-bounds writemedium🔒---
127746Google Android impd_drc_dynamic_payload.c impd_parse_drc_ext_v1 out-of-bounds writemedium🔒---
127745Google Android impd_drc_gain_decoder.c impd_init_drc_decode_post_config out-of-bounds writemedium🔒---
127744Google Android easelcomm_hw_build_scatterlist race conditionmedium🔒---
127743Google Android llcp_commands.c nfc_llcp_build_sdreq_tlv out-of-bounds writemedium🔒--🔒
127742Google Android pppol2tp_connect use after freemedium🔒---
127741ZTE ZXIN10 devcomm access control [CVE-2018-7364]medium🔒---
127740Aruba Access Point BLE Radio 7pk security [CVE-2018-7080]medium🔒---
127739Aruba ClearPass Policy Manager Guest Authorization authorizationmedium🔒---
127738Aruba ClearPass Policy Manager API improper authentication [CVE-2018-7067]medium🔒---
127737Aruba ClearPass Policy Manager OneConnect command injection [CVE-2018-7066]medium🔒---
127736Aruba ClearPass Policy Manager sql injection [CVE-2018-7065]medium🔒---
127735Aruba ClearPass API xml external entity reference [CVE-2018-7063]medium🔒---
127734LibRaw Incomplete Fix dcraw_common.cpp identify integer overflowlow🔒--🔒
127733LibRaw dcraw_common.cpp parse_qt integer overflowlow🔒--🔒
127732LibRaw dcraw.c parse_minolta resource consumptionlow🔒--🔒
127731LibRaw dcraw_common.cpp nikon_coolscan_load_raw null pointer dereferencelow🔒--🔒
127730LibRaw dcraw_common.cpp nikon_coolscan_load_raw out-of-bounds readmedium🔒--🔒
127729LibRaw dcraw_common.cpp rollei_load_raw memory corruptionmedium🔒--🔒
127728LibRaw dcraw_common.cpp parse_exif memory corruptionmedium🔒---
127727LibRaw dcraw_common.cpp find_green memory corruptionmedium🔒--🔒
127726LibRaw dcraw_common.cpp samsung_load_raw out-of-bounds readmedium🔒--🔒
127725LibRaw dcraw_common.cpp leaf_hdr_load_raw null pointer dereferencelow🔒--🔒
127724LibRaw dcraw_common.cpp quicktake_100_load_raw memory corruptionmedium🔒--🔒
127723LibRaw dcraw_common.cpp identify divide by zerolow🔒--🔒
127722LibRaw dcraw_common.cpp kodak_radc_load_raw out-of-bounds readmedium🔒--🔒
127721LibRaw libraw_cxx.cpp unpack null pointer dereferencelow🔒--🔒
127720LibRaw dcraw_common.cpp kodak_ycbcr_load_raw memory corruptionmedium🔒--🔒
127719Xen HLE Transaction input validation [CVE-2018-19967]low🔒--🔒
127718Xen access control [CVE-2018-19966]medium🔒--🔒
127717Xen denial of service [CVE-2018-19965]low🔒--🔒
127716Xen P2M Lock 7pk error [CVE-2018-19964]low🔒--🔒
127715Xen x86 IOREQ Server resource management [CVE-2018-19963]medium🔒--🔒
127714Xen IOMMU Mapping access control [CVE-2018-19962]medium🔒--🔒
127713Xen TLB Flush access control [CVE-2018-19961]medium🔒--🔒
127712OnionShare web.py debug_mode input validationmedium🔒---
127711IBM Marketing Platform XML Data xml external entity referencemedium🔒---
127710Philips HealthSuite Health App inadequate encryption [CVE-2018-19001]medium🔒---
127709IBM Connections Host Header injection [CVE-2018-1896]medium🔒---
127708IBM MQ Console REST API denial of service [CVE-2018-1883]low🔒---
127707Rockwell MicroLogix 1400 Controller CIP Connection Request IP Address missing authenticationmedium🔒---
127706Foreman cross site scripting [CVE-2018-16861]low🔒---
127705IBM DataPower Gateways HSTS information disclosure [CVE-2018-1663]medium🔒---
127704GE Proficy Cimplicity GDS XML Data xml external entity referencemedium🔒---
127703IBM Marketing Platform XML Data xml external entity referencemedium🔒---
127702Google Android WLAN memory corruption [CVE-2018-11905]medium🔒---
127701LibRaw dcraw_common.cpp xtrans_interpolate out-of-bounds readlow🔒--🔒
127700LibRaw dcraw_common.cpp panasonic_load_raw memory corruptionmedium🔒--🔒
127699Google Android 802.11 Frame resource consumption [CVE-2017-15835]low🔒---
127698Google Android Host Driver memory corruption [CVE-2017-14888]medium🔒---
127697Xiaomi Mi A2 Lite/RedMi6 Pro Goodix GT9xx Touchscreen Driver gt9xx.c gtp_read_Color null pointer dereferencelow🔒---
127696PHP php_imap.c imap_mail null pointer dereferencelow🔒--🔒
127695GNU binutils libbfd elf.c integer overflowmedium🔒---
127694GNU binutils libbfd elfcode.h bfd_elf32_swap_phdr_in memory corruptionmedium🔒---
127693Google Android sock.c sk_clone_lock type conversionmedium🔒--🔒
127692Google Android Verified Boot privileges management [CVE-2018-9567]medium🔒---
127691Google Android sdp_discovery.c process_service_search_rsp out-of-bounds readmedium🔒---
127690Google Android xltdecwbxml.c readBytes out-of-bounds readmedium🔒---
127689Google Android bta_ag_sdp.cc bta_ag_do_disc out-of-bounds readmedium🔒---
127688Google Android Bluetooth Service hidd_api.cc HID_DevAddRecord out-of-bounds writemedium🔒---
127687Google Android cryptfs.cpp persist_set_key out-of-bounds writemedium🔒---
127686Google Android rw_t2t_ndef.cc rw_t2t_handle_tlv_detect out-of-bounds writemedium🔒---
127685Google Android install.cpp really_install_package use after freemedium🔒---
127684Google Android payload_metadata.cc ParsePayloadHeader out-of-bounds writemedium🔒---
127683Google Android l2c_fcr.cc l2c_lcc_proc_pdu out-of-bounds writemedium🔒---
127682Google Android IMediaExtractor.cp dumpExtractors information disclosurelow🔒---
127681Google Android mkvparser.cc Parse double freemedium🔒---
127680Google Android ihevcd_sao.c ihevcd_sao_shift_ctb out-of-bounds writelow🔒---
127679Google Android Media Server aacdecoder.cpp CAacDecoder_Init out-of-bounds writemedium🔒---
127678Google Android aacdecoder.cpp CAacDecoder_Init out-of-bounds writemedium🔒---
127677Google Android lpp_tran.cpp lppTransposer out-of-bounds writemedium🔒---
127676Google Android ContentProvider.java permissionmedium🔒---
127675Google Android GraphicBuffer.cpp input validationmedium🔒---
127674Google Android v4l2_slice_video_decode_accelerator.cc Dequeue out-of-bounds readmedium🔒---
127673McAfee True Key Microsoft Windows Client access control [CVE-2018-6757]medium🔒---
127672McAfee True Key Microsoft Windows Client access control [CVE-2018-6756]medium🔒---
127671McAfee True Key Microsoft Windows Client access control [CVE-2018-6755]medium🔒---
127670Zenitel Norway IP-StationWeb zForm_save_changes Stored cross site scriptinglow🔒---
127669Zenitel Norway IP-StationWeb Reflected cross site scripting [CVE-2018-19926]low🔒---
127668Sales / Company Management System member_order.php sql injectionmedium🔒---
127667Sales / Company Management System cross site scripting [CVE-2018-19924]low🔒---
127666Sales / Company Management System cross-site request forgerylow🔒---
127665Actiontec C1000A Website Blocking Page advancedsetup_websiteblocking.html Persistent cross site scriptinglow🔒---
127664Zoho ManageEngine OpManager Domain Controller cross site scriptinglow🔒---
127663Pixelimity portfolio.php Persistent cross site scriptinglow🔒---
127662DomainMod host.php cross site scriptinglow🔒---
127661DomainMod dns.php cross site scriptinglow🔒---
127660DomainMod registrar-accounts.php cross site scriptinglow🔒---
127659FreeSWITCH mod_xml_rpc input validation [CVE-2018-19911]medium🔒---
127658MISP Import Event.php os command injectionmedium🔒---
127657QEMU Bluetooth Subsystem integer overflow [CVE-2018-19665]medium🔒--🔒
127656Moxa NPort W2x50A Web Server webSettingProfileSecurity os command injectionmedium🔒---
127655Moxa NPort W2x50A Web Server net_WebPingGetValue os command injectionmedium🔒---
127654IBM Connections Error Message information disclosure [CVE-2018-1935]low🔒---
127653IBM Financial Transaction Manager for Digital Payments for Multi-Platform Web UI cross site scriptinglow🔒---
127652Norton Password Manager cross site scripting [CVE-2018-18362]low🔒---
127651Amazon Web Services FreeRTOS xProcessReceivedTCPPacket information disclosuremedium🔒---
127650Amazon Web Services FreeRTOS DHCP Response information disclosuremedium🔒---
127649Amazon Web Services FreeRTOS IP Header prvProcessIPPacket integer underflowmedium🔒---
127648Amazon Web Services FreeRTOS ARP Packet eARPProcessPacket information disclosuremedium🔒---
127647Amazon Web Services FreeRTOS NBNS Packet prvTreatNBNS information disclosuremedium🔒---
127646Amazon Web Services FreeRTOS DNS Response prvParseDNSReply confused deputymedium🔒---
127645Amazon Web Services FreeRTOS TLS Connectivity GGD_SecureConnect_Connect input validationmedium🔒---
127644Amazon Web Services FreeRTOS prvProcessICMPPacket information disclosurelow🔒---
127643Amazon Web Services FreeRTOS Protocol Checksum Generator prvProcessIPPacket memory corruptionmedium🔒---
127642Amazon Web Services FreeRTOS DNS LLMNR Packet prvParseDNSReply memory corruptionmedium🔒---
127641Amazon Web Services FreeRTOS TCP Options prvCheckOptions information disclosurelow🔒---
127640Amazon Web Services FreeRTOS prvCheckOptions divide by zerolow🔒---
127639Amazon Web Services FreeRTOS use after free [CVE-2018-16522]medium🔒---
127638F5 BIG-IP APM Client svpn race condition [CVE-2018-15332]medium🔒---
127637IBM i2 Enterprise Insight Analysis HSTS information disclosurelow🔒---
127636IBM i2 Enterprise Insight Analysis Web Page Storage information disclosurelow🔒---
127635IBM i2 Enterprise Insight Analysis input validation [CVE-2018-1504]medium🔒---
127634Apple iCloud WebKit memory corruption [CVE-2018-4438]medium🔒--🔒
127633Apple iCloud WebK it memory corruption [CVE-2018-4443]medium🔒--🔒
127632Apple iCloud WebK it memory corruption [CVE-2018-4442]medium🔒--🔒
127631Apple iCloud WebK it memory corruption [CVE-2018-4441]medium🔒--🔒
127630Apple iCloud WebKit memory corruption [CVE-2018-4464]medium🔒--🔒
127629Apple iCloud WebKit memory corruption [CVE-2018-4437]medium🔒--🔒
127628Apple iCloud Safari input validation [CVE-2018-4439]medium🔒--🔒
127627Apple iCloud Safari Address input validationmedium🔒--🔒
127626Apple Safari WebKit memory corruption [CVE-2018-4438]medium🔒--🔒
127625Apple Safari WebKit memory corruption [CVE-2018-4443]medium🔒--🔒
127624Apple Safari WebKit memory corruption [CVE-2018-4442]medium🔒--🔒
127623Apple Safari WebKit memory corruption [CVE-2018-4441]medium🔒--🔒
127622Apple Safari WebKit memory corruption [CVE-2018-4464]medium🔒--🔒
127621Apple Safari WebKit memory corruption [CVE-2018-4437]medium🔒--🔒
127620Apple Safari information disclosure [CVE-2018-4445]low🔒--🔒
127619Apple Safari input validation [CVE-2018-4439]medium🔒--🔒
127618Apple Safari Address input validation [CVE-2018-4440]medium🔒--🔒
127617Apple iTunes WebKit memory corruption [CVE-2018-4438]medium🔒--🔒
127616Apple iTunes WebKit memory corruption [CVE-2018-4443]medium🔒--🔒
127615Apple iTunes WebKit memory corruption [CVE-2018-4442]medium🔒--🔒
127614Apple iTunes WebKit memory corruption [CVE-2018-4441]medium🔒--🔒
127613Apple iTunes WebKit memory corruption [CVE-2018-4464]medium🔒--🔒
127612Apple iTunes WebKit memory corruption [CVE-2018-4437]medium🔒--🔒
127611Apple iTunes Safari input validation [CVE-2018-4439]medium🔒--🔒
127610Apple iTunes Safari Address input validationmedium🔒--🔒
127609Apple macOS WindowServer memory corruption [CVE-2018-4450]medium🔒--🔒
127608Apple macOS WindowServer memory corruption [CVE-2018-4449]medium🔒--🔒
127607Apple macOS Kernel memory corruption [CVE-2018-4461]medium🔒--🔒
127606Apple macOS Kernel input validation [CVE-2018-4435]medium🔒--🔒
127605Apple macOS Kernel memory corruption [CVE-2018-4447]medium🔒--🔒
127604Apple macOS Kernel Memory information disclosurelow🔒--🔒
127603Apple macOS Kernel input validation [CVE-2018-4460]low🔒--🔒
127602Apple macOS IOHIDFamily memory corruption [CVE-2018-4427]medium🔒--🔒
127601Apple macOS Intel Graphics Driver out-of-bounds read [CVE-2018-4434]medium🔒--🔒
127600Apple macOS Disk Images memory corruption [CVE-2018-4465]medium🔒--🔒
127599Apple macOS Carbon Core memory corruption [CVE-2018-4463]medium🔒--🔒
127598Apple macOS AMD Memory input validationlow🔒--🔒
127597Apple macOS Airport input validation [CVE-2018-4303]medium🔒--🔒
127596Apple tvOS WebKit memory corruption [CVE-2018-4464]medium🔒--🔒
127595Apple tvOS WebKit memory corruption [CVE-2018-4437]medium🔒--🔒
127594Apple tvOS WebKit memory corruption [CVE-2018-4438]medium🔒--🔒
127593Apple tvOS WebKit memory corruption [CVE-2018-4443]medium🔒--🔒
127592Apple tvOS WebKit memory corruption [CVE-2018-4442]medium🔒--🔒
127591Apple tvOS WebKit memory corruption [CVE-2018-4441]medium🔒--🔒
127590Apple tvOS Profiles certificate validation [CVE-2018-4436]medium🔒--🔒
127589Apple tvOS Kernel memory corruption [CVE-2018-4461]medium🔒--🔒
127588Apple tvOS Kernel memory corruption [CVE-2018-4447]medium🔒--🔒
127587Apple tvOS Kernel input validation [CVE-2018-4435]medium🔒--🔒
127586Apple tvOS Kernel Kernel Memory information disclosurelow🔒--🔒
127585Apple tvOS Kernel input validation [CVE-2018-4460]low🔒--🔒
127584Apple tvOS Disk Images memory corruption [CVE-2018-4427]medium🔒--🔒
127583Apple tvOS Airport input validation [CVE-2018-4303]medium🔒--🔒
127582Apple iOS WebKit memory corruption [CVE-2018-4464]medium🔒--🔒
127581Apple iOS WebKit memory corruption [CVE-2018-4437]medium🔒--🔒
127580Apple iOS WebKit memory corruption [CVE-2018-4438]medium🔒--🔒
127579Apple iOS WebKit memory corruption [CVE-2018-4443]medium🔒--🔒
127578Apple iOS WebKit memory corruption [CVE-2018-4442]medium🔒--🔒
127577Apple iOS WebKit memory corruption [CVE-2018-4441]medium🔒--🔒
127576Apple iOS Safari information disclosure [CVE-2018-4445]low🔒--🔒
127575Apple iOS Safari Address input validationmedium🔒--🔒
127574Apple iOS Safari input validation [CVE-2018-4439]medium🔒--🔒
127573Apple iOS Profiles certificate validation [CVE-2018-4436]medium🔒--🔒
127572Apple iOS LinkPresentation input validation [CVE-2018-4429]medium🔒---
127571Apple iOS Kernel memory corruption [CVE-2018-4461]medium🔒--🔒
127570Apple iOS Kernel memory corruption [CVE-2018-4447]medium🔒--🔒
127569Apple iOS Kernel input validation [CVE-2018-4435]medium🔒--🔒
127568Apple iOS Kernel Kernel Memory information disclosurelow🔒--🔒
127567Apple iOS Kernel input validation [CVE-2018-4460]low🔒--🔒
127566Apple iOS File Provider input validation [CVE-2018-4446]low🔒---
127565Apple iOS FaceTime Contact information disclosurelow🔒---
127564Apple iOS Disk Images memory corruption [CVE-2018-4465]medium🔒--🔒
127563Apple iOS Airport input validation [CVE-2018-4303]medium🔒--🔒
127562Crafter CMS Template os command injection [CVE-2018-19907]medium🔒---
127561ThinkCMF ArticleController.class.php edit_post sql injectionmedium🔒---
127560ThinkCMF AdminbaseController.class.php listorders sql injectionmedium🔒---
127559ThinkCMF SlideController.class.php delete sql injectionmedium🔒---
127558ThinkCMF NavController.class.php edit_post sql injectionmedium🔒---
127557ThinkCMF CommentadminController.class.php check sql injectionmedium🔒---
127556PbootCMS SearchController.php sql injectionmedium🔒---
127555DomainMod add-server.php cross site scriptinglow🔒---
127554Freeware Advanced Audio Coder huff2.c huffcode memory corruptionlow🔒---
127553Freeware Advanced Audio Coder huff2.c huffcode memory corruptionlow🔒---
127552Freeware Advanced Audio Coder huff2.c huffcode memory corruptionlow🔒---
127551Freeware Advanced Audio Coder huff2.c huffcode memory corruptionlow🔒---
127550Freeware Advanced Audio Coder huff2.c huffcode memory corruptionlow🔒---
127549Freeware Advanced Audio Coder huff2.c huffcode memory corruptionlow🔒---
127548Artifex MuPDF svg-run.c svg_run_image null pointer dereferencelow🔒---
127547Artifex MuPDF svg-run.c fz_xml_att resource consumptionlow🔒---
127546Adiscon LogAnalyzer Login Button Referer Field login.php cross site scriptinglow🔒---
127545Cairo cairo-ft-font.c cairo_ft_apply_variations use after freelow🔒--🔒
127544Qt Virtual Keyboard log file [CVE-2018-19865]low🔒---
127543NUUO NVRmini2 Network Video Recorder input validation [CVE-2018-19864]medium🔒---
127542OpenRefine path traversal [CVE-2018-19859]medium🔒---
127541VideoLAN VLC Media Player CAF Demuxer caf.c ReadKukiChunk uninitialized pointermedium🔒--🔒
127540Tarantella Enterprise Access Control access control [CVE-2018-19754]medium🔒---
127539Tarantella Enterprise path traversal [CVE-2018-19753]medium🔒---
127538Antiy AVL ATool Security Management Kernel Driver IRPFile.sys memory corruptionlow🔒---
127537ARM mbed TLS RSA Decryption cryptographic issues [CVE-2018-19608]medium🔒--🔒
127536IBM Campaign access control [CVE-2018-1941]low🔒---
127535IBM QRadar SIEM information disclosure [CVE-2018-1732]low🔒---
127534IBM QRadar SIEM XML Data xml external entity reference [CVE-2018-1730]medium🔒---
127533IBM QRadar SIEM Web UI cross site scripting [CVE-2018-1728]low🔒---
127532IBM Maximo Asset Management Username information disclosure [CVE-2018-1697]low🔒---
127531SolarWinds SFTP SCP Server Configuration File xml external entity referencemedium🔒---
127530SolarWinds SFTP SCP Server Configuration File Password credentials managementlow🔒---
127529IBM QRadar SIEM hard-coded credentials [CVE-2018-1650]medium🔒---
127528IBM QRadar SIEM inadequate encryption [CVE-2018-1648]medium🔒---
127527Cloud Foundry NFS Volume Log Credentials credentials managementlow🔒---
127526Dell Encryption Folder Access information disclosure [CVE-2018-15773]low🔒---
127525IBM QRadar SIEM Web Pages information disclosure [CVE-2018-1568]low🔒---
127524Intel IPP Cryptographic Library information disclosure [CVE-2018-12155]low🔒---
127523Minikube Kubernetes Dashboard cross-site request forgery [CVE-2018-1002103]medium🔒---
127522Kubernetes Volume Mount command injection [CVE-2018-1002101]medium🔒---
127521IBM QRadar SIEM Certificate Validation certificate validationmedium🔒---
127520BMC Remedy Action Request System improper authentication [CVE-2018-19505]medium🔒---
127519Data Ontap 7-Mode information disclosure [CVE-2018-5496]low🔒---
127518Hashicorp Vault Server Log log file [CVE-2018-19786]medium🔒---
127517CX-One CX-Programmer/CX-Server memory corruption [CVE-2018-18993]medium🔒---
127516SCADA Webserver Reflected cross site scripting [CVE-2018-18991]low🔒---
127515CX-One CX-Programmer/CX-Server Project File use after free [CVE-2018-18989]medium🔒---
127514GitLab Enterprise Edition Kubernetes server-side request forgerymedium🔒--🔒
127513GitLab Community Edition/Enterprise Edition Error Message information disclosurelow🔒--🔒
127512GitLab Community Edition/Enterprise Edition Authorization improper authorizationmedium🔒--🔒
127511GitLab Community Edition/Enterprise Edition server-side request forgerymedium🔒--🔒
127510GitLab Community Edition/Enterprise Edition Email Reply information disclosurelow🔒--🔒
127509GitLab Community Edition/Enterprise Edition Prometheus information disclosurelow🔒--🔒
127508GitLab Community Edition/Enterprise Edition cross site scriptinglow🔒--🔒
127507GitLab Community Edition/Enterprise Edition credentials managementlow🔒--🔒
127506GitLab Community Edition/Enterprise Edition Bowser Cache information disclosurelow🔒--🔒
127505GitLab Community Edition Epic Change Description information disclosurelow🔒--🔒
127504GitLab Community Edition GFM Markdown API information disclosurelow🔒--🔒
127503GitLab Community Edition/Enterprise Edition JSON Endpoint information disclosurelow🔒--🔒
127502FreeBSD bhyve input validation [CVE-2018-17160]medium🔒---
127501Red Hat OpenShift Container Platform 3 7pk error [CVE-2018-1002105]medium🔒--🔒
127500Huawei P20 out-of-bounds write [CVE-2018-7987]medium🔒---
127499Huawei VIP App Brute Force improper authentication [CVE-2018-7956]medium🔒---
127498VMware ESXi vmxnet3 Virtual Network Adapter information disclosurelow🔒--🔒
127497VMware ESXi/Workstation/Fusion vmxnet3 Virtual Network Adapter memory corruptionmedium🔒--🔒
127496Google Chrome File Download Page.downloadBehavior unrestricted uploadmedium🔒--🔒
127495Google Chrome WebAssembly null pointer dereference [CVE-2018-6116]medium🔒--🔒
127494Google Chrome File Download Malware input validationmedium🔒--🔒
127493Google Chrome URL Formatter Domain Name data processingmedium🔒--🔒
127492Google Chrome URL Formatter Domain Name data processingmedium🔒--🔒
127491Google Chrome Omnibox Domain Name data processingmedium🔒--🔒
127490Google Chrome URL Formatter data processing [CVE-2018-6104]medium🔒--🔒
127489Google Chrome Prompts Policy input validationmedium🔒--🔒
127488Google Chrome Omnibox URL input validationmedium🔒--🔒
127487Google Chrome DevTools input validation [CVE-2018-6101]low🔒--🔒
127486Google Chrome Blink information disclosure [CVE-2018-6099]medium🔒--🔒
127485Google Chrome URL Formatter Domain Name data processingmedium🔒--🔒
127484Google Chrome Blink information disclosure [CVE-2018-6095]low🔒--🔒
127483Google Chrome GarbageCollection memory corruption [CVE-2018-6094]medium🔒--🔒
127482Google Chrome WebAssembly integer overflow [CVE-2018-6092]medium🔒--🔒
127481Google Chrome Skia integer overflow [CVE-2018-6090]medium🔒--🔒
127480Google Chrome Service Worker input validation [CVE-2018-6089]low🔒--🔒
127479Google Chrome PDFium input validation [CVE-2018-6088]medium🔒--🔒
127478Google Chrome WebAssembly use after free [CVE-2018-6087]medium🔒--🔒
127477Google Chrome Networking Disk Cache use after free [CVE-2018-6086]medium🔒--🔒
127476Google Chrome Networking Disk Cache input validation [CVE-2018-6085]medium🔒--🔒
127475Linux Kernel Crypto User Configuration API crypto_user.c crypto_report_one information disclosurelow🔒--🔒
127474hitshop add privileges managementmedium🔒---
127473YzmCMS search.html cross site scriptinglow🔒---
127472radare2 asm_x86_nz.c opmov out-of-bounds readmedium🔒---
127471radare2 asm_x86_nz.c gettoken out-of-bounds readmedium🔒---
127470Wavpack open_utils.c WavpackVerifySingleBlock out-of-bounds readmedium🔒---
127469Wavpack pack_utils.c WavpackPackInit resource consumptionlow🔒---
127468LibSass sass_context.cpp handle_error out-of-bounds readmedium🔒---
127467LibSass ast.cpp clone resource consumptionlow🔒---
127466LibSass Parser eval.cpp Binary_Expression*) resource consumptionlow🔒---
127465GNU C Library getaddrinfo input validationmedium🔒--🔒
127464FreeBSD NFS Server resource consumption [CVE-2018-17159]low🔒--🔒
127463FreeBSD NFS Server integer overflow [CVE-2018-17158]medium🔒--🔒
127462FreeBSD NFS Server integer overflow [CVE-2018-17157]medium🔒--🔒
127461Pluck cross-site request forgery [CVE-2018-16634]low🔒---
127460Pluck cross site scripting [CVE-2018-16633]low🔒---
127459Intelliants Subrion CMS cross site scripting [CVE-2018-16631]low🔒---
127458Intelliants Subrion CMS #elf_l1_XA cross site scriptinglow🔒---
127457Kirby Blog Name cross site scripting [CVE-2018-16628]low🔒---
127456simplehttpserver path traversal [CVE-2018-16478]low🔒---
127455ASUSTOR ADM Login Page 7pk security [CVE-2018-12319]low🔒---
127454ASUSTOR ADM SNMP Settings Page Password credentials managementlow🔒---
127453ASUSTOR ADM POST Parameter group.cgi os command injectionmedium🔒---
127452ASUSTOR ADM upload.cgi os command injectionmedium🔒---
127451ASUSTOR ADM Password Verification Change credentials managementmedium🔒---
127450ASUSTOR ADM URL downloadwallpaper.cgi path traversalmedium🔒---
127449ASUSTOR ADM URL snmp.cgi input validationmedium🔒--🔒
127448ASUSTOR ADM user.cgi os command injectionmedium🔒---
127447ASUSTOR ADM File Explorer cross site scripting [CVE-2018-12311]low🔒---
127446ASUSTOR ADM System Announcement cross site scripting [CVE-2018-12310]low🔒---
127445ASUSTOR ADM upload.cgi path traversalmedium🔒---
127444ASUSTOR ADM share.cgi Key information disclosurelow🔒---
127443ASUSTOR ADM user.cgi os command injectionmedium🔒---
127442ASUSTOR ADM URL path traversal [CVE-2018-12306]medium🔒---
127441ASUSTOR ADM SVG Image Embedded cross site scriptinglow🔒---
127440YunoHost Profile Page cross site scripting [CVE-2018-11348]low🔒---
127439YunoHost Header Injection response splitting [CVE-2018-11347]medium🔒---
127438Cisco Energy Management Suite PostgreSQL Database hard-coded credentialsmedium🔒---
127437HPE Intelligent Management Center dbman input validation [CVE-2018-7116]low🔒--🔒
127436HPE Intelligent Management Center dbman.exe memory corruptionmedium🔒--🔒
127435HPE Intelligent Management Center dbman memory corruption [CVE-2018-7114]medium🔒--🔒
127434HPE Integrated Lights-Out 5 Firmware Update 7pk security [CVE-2018-7113]low🔒---
127433Brocade Fabric OS Proxy Service privileges management [CVE-2018-6440]medium🔒---
127432Brocade Fabric OS Command Line Interface access control [CVE-2018-6439]medium🔒---
127431HHVM Proxygen data processing [CVE-2018-6332]low🔒---
127430Netgate pfSense command injection [CVE-2018-4021]medium🔒---
127429Netgate pfSense command injection [CVE-2018-4020]medium🔒---
127428Netgate pfSense command injection [CVE-2018-4019]medium🔒---
127427Quicken Deluxe 2018 Password Protection input validation [CVE-2018-3854]medium🔒---
127426MetInfo HTTP Header applogin.php response splittingmedium🔒---
127425MetInfo move.php Reflected cross site scriptinglow🔒---
127424LibSass SharedPtr.cpp SharedPtr use after freelow🔒---
127423LibSass inspect.cpp String_Quoted*) resource consumptionlow🔒---
127422Linux Kernel ALSA Driver card.c use after freemedium🔒--🔒
127421LibSass SharedPtr.hpp populate_extends null pointer dereferencelow🔒---
127420Ninja Forms Plugin step-processing.php redirect [CVE-2018-19796]medium🔒---
127419ChipsBank UMPTool Password Storage insufficiently protected credentialsmedium🔒---
127418Internet2 Grouper UiV2Public.index cross site scriptinglow🔒---
127417jiacrontab command injection [CVE-2018-19793]medium🔒---
127416LiteSpeed OpenLiteSpeed Server getServerRootFromExecutablePath memory corruptionmedium🔒---
127415LiteSpeed OpenLiteSpeed Byte Sequence input validation [CVE-2018-19791]medium🔒---
127414PolicyKit UID input validation [CVE-2018-19788]medium🔒--🔒
127413IBM WebSphere Application Server Security Domain access controlmedium🔒---
127412Nettle PKCS #1 Bleichenbacher cryptographic issuesmedium🔒--🔒
127411GnuTLS PKCS #1 Bleichenbacher cryptographic issuesmedium🔒--🔒
127410Red Hat Enterprise Linux Incomplete Fix CVE-2018-16509 os command injectionmedium🔒--🔒
127409PowerDNS Recursor out-of-bounds read [CVE-2018-16855]medium🔒--🔒
127408Drobo 5N2 NAS Dashboard API improper authentication [CVE-2018-14709]medium🔒---
127407Drobo 5N2 NAS Dashboard API improper authentication [CVE-2018-14708]medium🔒---
127406Drobo 5N2 NAS Pix Web Application path traversal [CVE-2018-14707]medium🔒---
127405Drobo 5N2 NAS demo command injectionmedium🔒---
127404Drobo 5N2 NAS MySQL API Error Page cross site scripting [CVE-2018-14704]low🔒---
127403Drobo 5N2 NAS data Password access controllow🔒---
127402Drobo 5N2 NAS Access Control drobo.php information disclosurelow🔒---
127401Drobo 5N2 NAS delete_user command injectionmedium🔒---
127400Drobo 5N2 NAS Access Control logfile.php Log log filelow🔒---
127399Drobo 5N2 NAS enable_user command injectionmedium🔒---
127398Drobo 5N2 NAS delete_user cross site scriptinglow🔒---
127397Drobo 5N2 NAS enable_user cross site scriptinglow🔒---
127396Drobo 5N2 NAS Access Control drobo.php information disclosurelow🔒---
127395Drobo 5N2 NAS Access Control diags.php Diagnostic information disclosurelow🔒---
127394Arigato Autoresponder/Newsletter unsubscribe.html.php Reflected cross site scriptinglow🔒---
127393Arigato Autoresponder/Newsletter list-user.html.php Reflected cross site scriptinglow🔒---
127392Arigato Autoresponder/Newsletter integration-contact-form.html.php Reflected cross site scriptinglow🔒---
127391Arigato Autoresponder/Newsletter integration-contact-form.html.php cross site scriptinglow🔒---
127390Arigato Autoresponder/Newsletter bft_list.html.php cross site scriptinglow🔒---
127389Arigato Autoresponder/Newsletter Reflected cross site scriptinglow🔒---
127388Arigato Autoresponder/Newsletter Reflected cross site scriptinglow🔒---
127387Arigato Autoresponder/Newsletter Reflected cross site scriptinglow🔒---
127386Arigato Autoresponder/Newsletter Reflected cross site scriptinglow🔒---
127385Arigato Autoresponder/Newsletter Blind sql injection [CVE-2018-1002000]medium🔒---
127384Perl Regex regcomp.c S_regatom memory corruptionmedium🔒--🔒
127383Perl Regex regcomp.c S_grok_bslash_N out-of-bounds readlow🔒--🔒
127382Perl Regex regcomp.c S_regatom memory corruptionmedium🔒--🔒
127381Perl Perl_my_setenv memory corruptionmedium🔒--🔒
127380lxml javascript URL clean.py cross site scriptinglow🔒--🔒
127379Atlantis Word Processor Rich Text Format Parser uninitialized pointermedium🔒---
127378Atlantis Word Processor PNG out-of-bounds write [CVE-2018-4039]medium🔒---
127377Atlantis Word Processor Open Document Parser write-what-where conditionmedium🔒---
127376LXCI for VMware File Download input validation [CVE-2018-9072]low🔒---
127375Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server cross-site request forgerylow🔒---
127374Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server response splittingmedium🔒---
127373Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server password recoverymedium🔒---
127372Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server cross site scriptinglow🔒---
127371Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server password recoverymedium🔒---
127370StruxureWare Data Center Expert File Upload path traversal [CVE-2018-7807]medium🔒---
127369StruxureWare Data Center Operation File Upload path traversalmedium🔒---
127368TP-LINK TL-R600VPN HTTP Server header-parsing memory corruptionmedium🔒---
127367TP-LINK TL-R600VPN HTTP Server memory corruption [CVE-2018-3950]medium🔒---
127366TP-LINK TL-R600VPN HTTP Server path traversal [CVE-2018-3949]medium🔒---
127365TP-LINK TL-R600VPN Management Portal input validation [CVE-2018-3948]low🔒---
127364PHP-Proxy index.php cross site scriptinglow🔒---
127363PHP-Proxy helpers.php str_rot_pass cryptographic issuesmedium🔒---
127362Budabot Lax Syntax Validator calc.php command injectionmedium🔒---
127361IBM StoredIQ access control [CVE-2018-1928]medium🔒---
127360IBM StoredIQ cross-site request forgery [CVE-2018-1927]low🔒---
127359VT-Designer deserialization [CVE-2018-18987]medium🔒---
127358VT-Designer memory corruption [CVE-2018-18983]medium🔒---
127357IBM DB2 db2pdcfg memory corruption [CVE-2018-1897]medium🔒---
127356SwitchVPN Client access control [CVE-2018-18860]medium🔒---
127355Active Storage access control [CVE-2018-16477]medium🔒---
127354Active Job Access Control input validation [CVE-2018-16476]medium🔒--🔒
127353LXCI for VMware/LXCI for Microsoft System Center File Upload unrestricted uploadmedium🔒---
127352LXCI for VMware File Upload unrestricted upload [CVE-2018-16093]medium🔒---
127351Google Android Permission permission [CVE-2018-15835]medium🔒---
127350Dell OpenManage Network Manager MySQL access control [CVE-2018-15768]medium🔒---
127349Dell Network Manager Authorization sudoers improper authorizationmedium🔒---
127348NUUO NVRMini2 upgrade_handle.php os command injectionmedium🔒--🔒
127347Zoom Client Message input validation [CVE-2018-15715]medium🔒--🔒
127346KeyCloak SAML Broker Endpoint improper authentication [CVE-2018-14637]medium🔒--🔒
127345QNAP QTS cross site scripting [CVE-2018-0716]low🔒---
127344Artifex MuPDF svg-device.c svg_dev_end_tile resource consumptionlow🔒---
127343Mini-XML memory leak [CVE-2018-19764]low🔒---
127342libsixel writer.c write_png_to_file out-of-bounds readmedium🔒---
127341libsixel fromsixel.c image_buffer_resize memory corruptionmedium🔒---
127340libsixel fromsixel.c sixel_decode_raw_impl out-of-bounds readlow🔒---
127339libConfuse confuse.c cfg_init resource managementlow🔒---
127338libsixel stb_image_write.h stbi_write_png_to_mem out-of-bounds readmedium🔒---
127337libsndfile wav.c wav_write_header out-of-bounds readmedium🔒--🔒
127336libsixel status.c sixel_helper_set_additional_message null pointer dereferencelow🔒---
127335libsixel stb_image.h stbi__tga_load out-of-bounds readmedium🔒---
127334Netwide Assembler Array Access preproc.c input validationlow🔒---
127333FreeRDP NTLM Authentication out-of-bounds read [CVE-2018-8789]low🔒--🔒
127332FreeRDP nsc_rle_decode out-of-bounds writemedium🔒--🔒
127331FreeRDP gdi_Bitmap_Decompress integer overflowmedium🔒--🔒
127330FreeRDP update_read_bitmap_update memory corruptionmedium🔒--🔒
127329FreeRDP zgfx_decompress memory corruptionmedium🔒--🔒
127328FreeRDP zgfx_decompress_segment memory corruptionmedium🔒--🔒
127327DomainMod Registrar registrar.php cross site scriptinglow🔒---
127326DomainMod Custom SSL Field add.php cross site scriptinglow🔒---
127325DomainMod Custom Domain cross site scripting [CVE-2018-19750]low🔒---
127324DomainMod account-owner.php cross site scriptinglow🔒---
127323SDcms Base64 Encoding admincontroller.php path traversallow🔒---
127322tp5cms set.html cross site scriptinglow🔒---
127321tp5cms picture.html unrestricted uploadmedium🔒---
127320OSSEC path traversal [CVE-2018-19666]medium🔒---
127319libjpeg-turbo wrbmp.c put_pixel_rows memory corruptionmedium🔒--🔒
127318libsndfile alaw.c i2alaw_array memory corruptionmedium🔒--🔒
127317libsndfile ulaw.c i2ulaw_array memory corruptionmedium🔒--🔒
127316dcraw Products find_green memory corruptionmedium🔒---
127315SCMS access control [CVE-2018-19654]medium🔒---
127314Wireshark ZigBee ZCL Dissector packet-zbee-zcl-lighting.c divide by zerolow🔒--🔒
127313Wireshark IxVeriWave File Parser vwr.c out-of-bounds readlow🔒--🔒
127312Wireshark DCOM Dissector packet-dcom.c memory corruptionlow🔒--🔒
127311Wireshark Dissection Engine tvbuff_composite.c out-of-bounds readmedium🔒--🔒
127310Wireshark PVFS Dissector packet-pvfs2.c null pointer dereferencelow🔒--🔒
127309Wireshark LBMPDM Dissector packet-lbmpdm.c numeric errormedium🔒--🔒
127308Wireshark MMSE Dissector packet-mmse.c resource consumptionlow🔒--🔒
127307i4 Assistant iOS Setting cross site scripting [CVE-2018-19527]low🔒---
127306The Sleuth Kit hfs.c hfs_cat_traverse out-of-bounds readmedium🔒--🔒
127305KDE Applications HTML Thumbnailer Plugin information disclosuremedium🔒--🔒
127304GitLab Community Edition/Enterprise Edition Wiki API input validationmedium🔒--🔒
127303Advanced Comment System admin.php sql injectionmedium🔒---
127302IBM Rational Collaborative Lifecycle Management Web UI cross site scriptinglow🔒---
127301Ansible Playbooks Log Credentials log filelow🔒--🔒
127300Adobe Photoshop CC out-of-bounds read [CVE-2018-15980]medium🔒--🔒
127299Adobe Acrobat Reader NTLM SSO Hash information disclosure [CVE-2018-15979]low🔒--🔒
127298Adobe Flash Player out-of-bounds read [CVE-2018-15978]medium🔒--🔒
127297OCS Inventory NG File Upload unrestricted upload [CVE-2018-15537]medium🔒---
127296PowerDNS Authoritative Server/Recursor Cache data processinglow🔒--🔒
127295Symantec Endpoint Protection DLL Loader untrusted search pathlow🔒--🔒
127294Symantec Endpoint Protection Detection Engine 7pk security [CVE-2018-12239]medium🔒--🔒
127293Symantec Endpoint Protection Detection Engine 7pk security [CVE-2018-12238]medium🔒--🔒
127292Pulse Secure Desktop Client Permission uncontrolled search pathmedium🔒---
127291PowerDNS Authoritative Server/PowerDNS Recursor resource managementlow🔒--🔒
127290Qualcomm Snapdragon Automobile DRM memory corruption [CVE-2018-5918]medium🔒---
127289Qualcomm Snapdragon Automobile/Snapdragon Mobile OEM Crypto memory corruptionmedium🔒---
127288Qualcomm Snapdragon Automobile PDP Decoder out-of-bounds readmedium🔒---
127287Qualcomm Snapdragon Automobile/Snapdragon Mobile Video memory corruptionmedium🔒---
127286Qualcomm Snapdragon Automobile Device Programmer memory corruptionmedium🔒---
127285Qualcomm Snapdragon Mobile Service Image Loader memory corruptionlow🔒---
127284Rapid7 Komand API information disclosure [CVE-2018-5559]low🔒---
127283Interspire Email Marketer remote.php server-side request forgerymedium🔒---
127282Imperva SecureSphere Python CGI Script os command injection [CVE-2018-19646]medium🔒---
127281OpenWrt/LEDE uhttpd cgi_handle_request Reflected cross site scriptinglow🔒---
127280ShowDoc cross-site request forgery [CVE-2018-19621]low🔒---
127279ShowDoc access control [CVE-2018-19620]medium🔒---
127278Yoast SEO Plugin ZIP Import class-import-settings.php race conditionmedium🔒---
127277Subaru StarLink Harman Head Unit Firmware Persistent signature verificationmedium🔒---
127276Teledyne DALSA Sherlock memory corruption [CVE-2018-17930]medium🔒---
127275FreeBSD ICMP Reply out-of-bounds write [CVE-2018-17156]low🔒---
127274Samba AD DC Configuration security check for standard [CVE-2018-16857]medium🔒--🔒
127273Samba Kerberos resource consumption [CVE-2018-16853]low🔒--🔒
127272Samba DNS Zone null pointer dereference [CVE-2018-16852]low🔒--🔒
127271Samba LDAP Service null pointer dereference [CVE-2018-16851]low🔒--🔒
127270Samba Smart-Card Authentication talloc_free double freelow🔒--🔒
127269IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1584]low🔒---
127268Cisco Prime License Manager Web Framework sql injection [CVE-2018-15441]medium🔒---
127267QNAP QTS memory corruption [CVE-2018-14749]medium🔒---
127266QNAP QTS improper authorization [CVE-2018-14748]medium🔒---
127265QNAP QTS Media Server null pointer dereference [CVE-2018-14747]low🔒---
127264QNAP QTS command injection [CVE-2018-14746]medium🔒---
127263Samba LDAP Server resource consumption [CVE-2018-14629]low🔒--🔒
127262Node.js javascript URL url.parse input validationmedium🔒--🔒
127261Node.js HTTP Header Slowloris resource consumptionlow🔒--🔒
127260Node.js HTTP Header resource consumption [CVE-2018-12121]low🔒--🔒
127259Node.js Debugger 7pk security [CVE-2018-12120]medium🔒--🔒
127258Node.js HTTP Request request smuggling [CVE-2018-12116]medium🔒--🔒
127257Qualcomm Snapdragon Automobile Device Programmer array indexmedium🔒---
127256Qualcomm Snapdragon Automobile SMMU Secure Camera access controlmedium🔒---
127255Qualcomm Snapdragon Automobile SUI Display 7pk error [CVE-2018-11921]medium🔒---
127254Qualcomm Snapdragon Automobile Ontario Fingerprint memory corruptionmedium🔒---
127253Qualcomm Snapdragon Automobile/Snapdragon Mobile CRL Validation input validationmedium🔒---
127252Qualcomm Snapdragon Automobile/Snapdragon Mobile Modem input validationmedium🔒---
127251Qualcomm Snapdragon Automobile Ontario Kernel Driver Kernel Memory access controlmedium🔒---
127250Qualcomm Snapdragon Mobile ASN.1 Parser out-of-bounds read [CVE-2017-18315]medium🔒---
127249Lenovo Software Update 7pk security [CVE-2018-9084]medium🔒---
127248Lenovo System Management Module credentials management [CVE-2018-9083]medium🔒---
127247Huawei Smartphone Factory Reset Protection authorization [CVE-2018-7988]medium🔒---
127246Huawei Product Communication information disclosure [CVE-2018-7977]medium🔒---
127245Huawei Smart Phone SMS Verification Code information disclosurelow🔒---
127244Huawei eSpace SRTP cryptographic issues [CVE-2018-7960]medium🔒---
127243Huawei eSpace SRTP information disclosure [CVE-2018-7959]low🔒---
127242Huawei eSpace TLS improper authentication [CVE-2018-7958]medium🔒---
127241Huawei Smartphone Configuration information disclosure [CVE-2018-7946]low🔒---
127240VMware Workstation/Fusion Virtual Network Device integer overflowmedium🔒--🔒
127239NVIDIA GeForce Experience information disclosure [CVE-2018-6266]low🔒---
127238NVIDIA GeForce Experience Application Installation access controllow🔒---
127237NVIDIA GeForce Experience DLL Loader access control [CVE-2018-6263]low🔒---
127236Google Android WLAN Host Driver use after free [CVE-2018-5919]medium🔒---
127235Google Android Linux Kernel memory corruption [CVE-2018-5910]medium🔒---
127234Google Android Display memory corruption [CVE-2018-5909]medium🔒---
127233Google Android Display memory corruption [CVE-2018-5908]medium🔒---
127232Google Android debugfs memory corruption [CVE-2018-5906]medium🔒---
127231Google Android LPM Status Driver use after free [CVE-2018-5904]medium🔒---
127230Google Android Linux Kernel type conversion [CVE-2018-5861]medium🔒---
127229Google Android Audio use after free [CVE-2018-5856]medium🔒---
127228ShowDoc information disclosure [CVE-2018-19609]low🔒---
127227Exiv2 easyaccess.cpp isoSpeed null pointer dereferencelow🔒---
127226PbootCMS code injection [CVE-2018-19595]medium🔒---
127225Cesanta Mongoose mongoose.c mg_mqtt_add_session memory corruptionmedium🔒---
127224NUOO CMS Web Server sql injection [CVE-2018-18982]medium🔒---
127223openSUSE Linux Enterprise PAM 1.3.0 data processing [CVE-2018-17953]medium🔒--🔒
127222NUUO CMS File Upload unrestricted upload [CVE-2018-17936]medium🔒---
127221NUUO CMS path traversal [CVE-2018-17934]medium🔒---
127220Umbraco CMS Content Header Name Persistent cross site scriptinglow🔒---
127219Xiaomi Mi Router 3 URL Parameter command injection [CVE-2018-16130]medium🔒---
127218Lenovo System Management Module Web Interface cross site scriptinglow🔒---
127217Lenovo System Management Module Debug Log Password debug log filelow🔒---
127216Lenovo System Management Module memory corruption [CVE-2018-16094]medium🔒---
127215Lenovo System Management Module FFDC credentials management [CVE-2018-16092]low🔒---
127214Lenovo System Management Module SMM Certificate memory corruptionmedium🔒---
127213Lenovo System Management Module SMM Certificate command injectionmedium🔒---
127212Lenovo System Management Module SMM Firmware command injectionmedium🔒---
127211ZyXEL NSA325 V2 zyshclient command injection [CVE-2018-14893]medium🔒---
127210ZyXEL NSA325 V2 Web Application cross-site request forgery [CVE-2018-14892]low🔒---
127209TerraMaster TOS ajaxdata.php command injectionmedium🔒---
127208Fortinet FortiOS Web Pages resource management [CVE-2018-13376]low🔒--🔒
127207Master TerraMaster TOS usertable.php User input validationlow🔒---
127206TerraMaster TOS Text Editor cross site scripting [CVE-2018-13360]low🔒---
127205TerraMaster TOS usertable.php cross-site request forgerylow🔒---
127204TerraMaster TOS ajaxdata.php command injectionmedium🔒---
127203TerraMaster TOS Shared Folders cross site scripting [CVE-2018-13357]low🔒---
127202TerraMaster TOS Access Control ajaxdata.php access controlmedium🔒---
127201TerraMaster TOS Shared Folders access control [CVE-2018-13355]low🔒---
127200TerraMaster TOS logtable.php command injectionmedium🔒---
127199TerraMaster TOS ajaxdata.php command injectionmedium🔒---
127198TerraMaster TOS Web Application Session Token information disclosurelow🔒---
127197TerraMaster TOS Control Panel cross site scripting [CVE-2018-13351]low🔒---
127196TerraMaster TOS logtable.php sql injectionmedium🔒---
127195TerraMaster TOS Web Application Taskbar cross site scriptinglow🔒---
127194TerraMaster TOS ajaxdata.php command injectionmedium🔒---
127193TerraMaster TOS session fixiation [CVE-2018-13337]medium🔒---
127192TerraMaster TOS ajaxdata.php command injectionmedium🔒---
127191TerraMaster TOS Shared Folders cross site scripting [CVE-2018-13335]low🔒---
127190TerraMaster TOS handle.php cross site scriptinglow🔒---
127189TerraMaster TOS File Manager cross site scripting [CVE-2018-13333]low🔒---
127188TerraMaster TOS URL path traversal [CVE-2018-13332]medium🔒---
127187TerraMaster TOS Control Panel cross site scripting [CVE-2018-13331]low🔒---
127186TerraMaster TOS ajaxdata.php command injectionmedium🔒---
127185TerraMaster TOS URL ajaxdata.php cross site scriptinglow🔒---
127184TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13316]medium🔒---
127183TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13314]medium🔒---
127182TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13307]medium🔒---
127181TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13306]medium🔒---
127180Xiaomi Mi Router 3 URL command injection [CVE-2018-13023]medium🔒---
127179Xiaomi Mi Router 3 API 404 Page cross site scripting [CVE-2018-13022]low🔒---
127178Symantec Security Analytics Web UI Reflected cross site scriptinglow🔒---
127177Google Android Linux Kernel memory corruption [CVE-2018-11995]low🔒---
127176Google Android Linux Kernel access control [CVE-2018-11956]medium🔒---
127175Google Android UPnP Daemon improper authorization [CVE-2018-11946]medium🔒---
127174Google Android Fastboot resource management [CVE-2018-11943]low🔒---
127173Google Android SOC Infrastructure memory corruption [CVE-2018-11919]medium🔒---
127172Google Android Linux Kernel probe double freemedium🔒---
127171Google Android Access Control access control [CVE-2018-11914]medium🔒---
127170Google Android Configuration access control [CVE-2018-11913]medium🔒---
127169Google Android Configuration access control [CVE-2018-11912]medium🔒---
127168Google Android Configuration access control [CVE-2018-11911]medium🔒---
127167Google Android Access Control access control [CVE-2018-11910]medium🔒---
127166Google Android Access Control access control [CVE-2018-11909]medium🔒---
127165Google Android Access Control access control [CVE-2018-11908]medium🔒---
127164Google Android Access Control access control [CVE-2018-11907]medium🔒---
127163Google Android ADB/debug-fs access control [CVE-2018-11906]medium🔒---
127162Google Android Driver Probe double free [CVE-2018-11823]medium🔒---
127161Apache Hadoop Incomplete Fix CVE-2016-6811 access control [CVE-2018-11766]medium🔒--🔒
127160Google Android DCI Client Entry input validation [CVE-2018-11266]medium🔒---
127159Google Android Media Codec use after free [CVE-2018-11261]medium🔒---
127158Google Android Linux Kernel integer overflow [CVE-2018-11260]medium🔒---
127157Expedition Migration Tool information disclosure [CVE-2018-10142]low🔒---
127156QNAP QTS memory corruption [CVE-2018-0721]medium🔒---
127155QNAP QTS cross site scripting [CVE-2018-0719]low🔒---
127154Google Android out-of-bounds read [CVE-2017-11078]medium🔒---
127153dcraw kodak_radc_load_raw memory corruptionlow🔒---
127152dcraw parse_tiff_ifd memory corruptionlow🔒---
127151dcraw parse_tiff_ifd out-of-bounds readmedium🔒---
127150dcraw crop_masked_pixels out-of-bounds readmedium🔒---
127149Easy Testimonials Plugin post.php Stored cross site scriptinglow🔒---
127148PHPOK unrestricted upload [CVE-2018-19562]medium🔒---
127147sikcms cross-site request forgery [CVE-2018-19561]low🔒---
127146BageCMS cross-site request forgery [CVE-2018-19560]low🔒---
127145CuppaCMS functions.php sql injectionmedium🔒---
127144arcms newslist sql injectionmedium🔒---
127143arcms main sql injectionmedium🔒---
127142Z-BlogPHP input validation [CVE-2018-19556]medium🔒---
127141tp4a Teleport do-reset-password cross-site request forgerylow🔒---
127140dotCMS image_tool.jsp cross site scriptinglow🔒---
127139Interspire Email Marketer Dynamiccontenttags.php sql injectionmedium🔒---
127138Interspire Email Marketer Dynamiccontenttags.php sql injectionmedium🔒---
127137Interspire Email Marketer Dynamiccontenttags.php sql injectionmedium🔒---
127136Interspire Email Marketer File Upload surveys_submit.php unrestricted uploadmedium🔒---
127135Interspire Email Marketer Dynamiccontenttags.php sql injectionmedium🔒---
127134EduSec credentials management [CVE-2018-19548]medium🔒---
127133JTBC(PHP) cross site scripting [CVE-2018-19547]low🔒---
127132JTBC(PHP) cross-site request forgery [CVE-2018-19546]low🔒---
127131JEECMS admin/ save cross-site request forgerylow🔒---
127130JEECMS save cross-site request forgerylow🔒---
127129IBM WebSphere Application Server XML Data xml external entity referencemedium🔒--🔒
127128TIBCO Statistica Server cross site scripting [CVE-2018-18807]low🔒---
127127Linux Kernel cleancache Subsystem information disclosure [CVE-2018-16862]low🔒--🔒
127126PowerDNS dnsdist input validation [CVE-2018-14663]medium🔒--🔒
127125Linux Kernel af_netlink.c __netlink_ns_capable null pointer dereferencelow🔒--🔒
127124Buffalo TS5600D1206 nasapi access control [CVE-2018-13324]medium🔒---
127123Buffalo TS5600D1206 Cookie detail.html cross site scriptinglow🔒---
127122Buffalo TS5600D1206 list_folders path traversallow🔒---
127121Buffalo TS5600D1206 nasapi access control [CVE-2018-13321]medium🔒---
127120Buffalo TS5600D1206 command injection [CVE-2018-13320]medium🔒---
127119Buffalo Control Access Control information disclosure [CVE-2018-13319]medium🔒---
127118Buffalo TS5600D1206 User.create command injectionmedium🔒---
127117TOTOLINK A3002RU password.htm Password cross site scriptinglow🔒---
127116TOTOLINK A3002RU Access Control formPasswordSetup input validationmedium🔒---
127115TOTOLINK A3002RU notice_gen.htm cross site scriptinglow🔒---
127114TOTOLINK A3002RU Post command injection [CVE-2018-13311]medium🔒---
127113TOTOLINK A3002RU password.htm cross site scriptinglow🔒---
127112TOTOLINK A3002RU password.htm cross site scriptinglow🔒---
127111TOTOLINK A3002RU notice_gen.htm cross site scriptinglow🔒---
127110IBM Integration Bus File Permission permission [CVE-2017-1418]medium🔒--🔒
127109Jasper jp2_dec.c jp2_decode memory corruptionmedium🔒---
127108Jasper jp2_dec.c jp2_decode null pointer dereferencelow🔒--🔒
127107Jasper jas_image.c jas_image_depalettize out-of-bounds readmedium🔒--🔒
127106Jasper jas_icc.c jas_icctxtdesc_input memory corruptionmedium🔒--🔒
127105Jasper jas_image.c jas_image_readcmpt access controllow🔒--🔒
127104TP-LINK Archer C5 Configuration File unrestricted upload [CVE-2018-19537]medium🔒---
127103Exiv2 PNG File pngchunk_int.cpp readRawProfile memory corruptionmedium🔒---
127102PoDoFo pdftranslator.cpp setTarget null pointer dereferencelow🔒--🔒
127101HTTL decodeXml input validationmedium🔒---
127100HTTL decodeXml input validationmedium🔒---
127099TP-LINK TL-WR886N Tlb Loader memory corruption [CVE-2018-19528]low🔒---
127098SDcms themecontroller.php check_bad code injectionmedium🔒---
127097tcpdump print-hncp.c print_prefix out-of-bounds readmedium🔒--🔒
127096University of Washington IMAP Toolkit rsh Command imap4r1.c imap_open os command injectionmedium🔒--🔒
127095sysstat sa_common.c remap_struct out-of-bounds readmedium🔒---
127094Moodle cross-site request forgery [CVE-2018-16854]low🔒--🔒
127093VMware vSphere Data Protection os command injection [CVE-2018-11077]medium🔒--🔒
127092VMware vSphere Data Protection Java Management Client Private Key information disclosurelow🔒--🔒
127091VMware vSphere Data Protection URL redirect [CVE-2018-11067]medium🔒--🔒
127090VMware vSphere Data Protection command injection [CVE-2018-11066]medium🔒--🔒
127089Freeware Advanced Audio Decoder filtbank.c ifilter_bank out-of-bounds readlow🔒---
127088Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruptionmedium🔒---
127087Freeware Advanced Audio Decoder syntax.c excluded_channels memory corruptionmedium🔒---
127086Vanilla Gdn_Format input validationmedium🔒---
127085Gnuplot cairo.trm cairotrm_options memory corruptionmedium🔒--🔒
127084Gnuplot post.trm PS_options memory corruptionmedium🔒--🔒
127083Gnuplot datafile.c df_generate_ascii_array_entry memory corruptionmedium🔒--🔒
127082Git run-command.c run_command untrusted search pathmedium🔒--🔒
127081Artifex Ghostscript Access Restriction zfjbig2.c type conversionmedium🔒--🔒
127080Artifex Ghostscript Access Restriction zicc.c type conversionmedium🔒--🔒
127079Artifex Ghostscript Access Restriction zdevice2.c 7pk securitymedium🔒--🔒
127078ArticleCMS update_personal_infomation cross site scriptinglow🔒---
127077HuCart helper_class.php get_ip sql injectionmedium🔒---
127076Discuz! admin.php cross site scriptinglow🔒---
127075Z-BlogPHP upload.php code injection [CVE-2018-19463]medium🔒---
127074Adult Filter Black Domain List File memory corruption [CVE-2018-19459]medium🔒---
127073PHP Proxy improper authentication [CVE-2018-19458]low🔒---
127072Logicspice FAQ Script faqimages unrestricted uploadmedium🔒---
127071Tryton Client bus.py session fixiationmedium🔒--🔒
127070UCMS credentials management [CVE-2018-19437]medium🔒---
127069webERP CollectiveWorkOrderCost.php sql injectionmedium🔒---
127068webERP SalesInquiry.php sql injectionmedium🔒---
127067webERP General Ledger BankMatching.php sql injectionmedium🔒---
127066ShowDoc database.php cross site scriptinglow🔒---
127065libsndfile sndfile.c sf_write_int null pointer dereferencelow🔒--🔒
127064Adobe Flash Player type conversion [CVE-2018-15981]medium🔒--🔒
127063ClipperCMS unrestricted upload [CVE-2018-19424]medium🔒---
127062Codiad unrestricted upload [CVE-2018-19423]medium🔒---
127061Subrion CMS uploads unrestricted uploadmedium🔒---
127060GetSimpleCMS EML File upload.php unrestricted uploadmedium🔒---
127059GetSimpleCMS upload.php unrestricted uploadmedium🔒---
127058Contiki-NG MQTT Server parse_publish_vhdr memory corruptionmedium🔒---
127057sysstat sa_common.c remap_struct out-of-bounds readmedium🔒---
127056PRTG Network Monitor addusers access controlmedium🔒---
127055PRTG Network Monitor login.htm access controlmedium🔒---
127054Artifex Ghostscript 7pk security [CVE-2018-19409]medium🔒--🔒
127053IBM Cloud Private IAM Services information disclosure [CVE-2018-1843]low🔒---
127052Novell NetWare NFS Portmapper Daemon memory corruption [CVE-2009-5153]medium🔒---
127051Linux Kernel System Call x86.c vcpu_scan_ioapic null pointer dereferencelow🔒--🔒
127050Linux Kernel System Call lapic.c null pointer dereferencelow🔒--🔒
127049YXcms indexController.php code injectionmedium🔒---
127048PHP var_unserializer.c input validationlow🔒---
127047PHP com_safearray_proxy var.c null pointer dereferencelow🔒---
127046Foxit Reader TIFF Data FoxitReader.exe FCP_SendEmailNotification out-of-bounds readlow🔒---
127045Foxit Reader BMP Data FoxitReader.exe FCP_SendEmailNotification out-of-bounds readlow🔒---
127044Foxit Reader TIFF Data FoxitReader.exe ReleaseFXURLToHtml out-of-bounds readmedium🔒---
127043tmux format.c format_cb_pane_tabs null pointer dereferencelow🔒--🔒
127042GreenCMS Log File cross-site request forgery [CVE-2018-19376]low🔒---
127041Royal Browser Extensions TS Credentials credentials managementlow🔒---
127040Loadbalancer.org Enterprise VA MAX Apache HTTP Server Log cross site scriptinglow🔒---
127039PCMan FTP Server APPE Command memory corruption [CVE-2018-18861]medium🔒---
127038LiquidVPN Client XPC Service kextload os command injectionmedium🔒---
127037LiquidVPN Client XPC Service os command injection [CVE-2018-18858]medium🔒---
127036LiquidVPN Client XPC Service os command injection [CVE-2018-18857]medium🔒---
127035LiquidVPN Client XPC Service os command injection [CVE-2018-18856]medium🔒---
127034CWP CentOS Web Panel index.php cross site scriptinglow🔒---
127033CWP CentOS Web Panel cross-site request forgery [CVE-2018-18773]low🔒---
127032CWP CentOS Web Panel cross-site request forgery [CVE-2018-18772]low🔒---
127031Zoho ManageEngine OpManager cross site scripting [CVE-2018-18716]low🔒---
127030Zoho ManageEngine OpManager Stored cross site scripting [CVE-2018-18715]low🔒---
127029Roche Accu-Chek Inform II Software Update unrestricted uploadmedium🔒---
127028Roche Accu-Chek Inform II Access Control access control [CVE-2018-18564]medium🔒---
127027Roche Accu-Chek Inform II File Upload access control [CVE-2018-18563]medium🔒---
127026Roche Accu-Chek Inform II Service Interface credentials managementmedium🔒---
127025Roche Accu-Chek Inform II Service Interface improper authenticationmedium🔒---
127024DENX U-Boot Filesystem Loader memory corruption [CVE-2018-18440]low🔒---
127023DENX U-Boot TFTP memory corruption [CVE-2018-18439]medium🔒---
127022iSmartAlarm Cube One Access Control information disclosure [CVE-2018-16224]low🔒---
127021QBee Cam Application Credentials credentials management [CVE-2018-16223]medium🔒---
127020iSmartAlarm App Configuration File iSmartAlarmData.xml Credentials credentials managementlow🔒---
127019Samsung 840 EVO Encryption Key key management [CVE-2018-12038]low🔒---
127018Samsung Crucial MX300 ATA High Mode cryptographic issues [CVE-2018-12037]medium🔒---
127017FineUploader php-traditional-server File Upload unrestricted uploadmedium🔒---
127016jQuery Upload File File Upload unrestricted upload [CVE-2018-9207]medium🔒---
127015Portainer API Endpoint check credentials managementmedium🔒---
127014Google Monorail input validation [CVE-2018-19335]low🔒---
127013Google Monorail cross-site request forgery [CVE-2018-19334]low🔒---
127012Access Manager Identity Provider redirect [CVE-2018-17948]medium🔒---
127011Philips iSite credentials management [CVE-2018-17906]medium🔒---
127010IBM API Connect input validation [CVE-2018-1779]low🔒---
127009Google Monorail cross-site request forgery [CVE-2018-10099]low🔒---
127008IBM Cloud Private information disclosure [CVE-2018-1841]low🔒---
127007Apache Spark access control [CVE-2018-17190]medium🔒---
127006Cloud Foundry UAA access control [CVE-2018-15761]medium🔒---
127005Pivotal Cloud Foundry On Demand Services SDK Service Broker Invalid credentials managementmedium🔒---
127004BestXsoftware Best Free Keylogger syscrb.exe untrusted search pathmedium🔒---
127003GNOME Keyring Secret Service API Credentials credentials managementlow🔒---
127002Customer Files Upload Addon upload.php unrestricted uploadmedium🔒---
127001libansilove ansi.c ansilove_ansi out-of-bounds readmedium🔒---
127000Jupyter Notebook Directory Name notebooklist.js cross site scriptinglow🔒--🔒
126999Jupyter Notebook nbconvert Response handlers.py cross site scriptinglow🔒--🔒
126998GNOME Seahorse quickAllow Password credentials managementlow🔒---
126997SeaCMS Stored cross site scripting [CVE-2018-19350]low🔒---
126996SeaCMS admin_makehtml.php sql injectionmedium🔒---
126995Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126994Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126993Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126992Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126991Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126990Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126989Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126988Foxit Reader u3d plugin U3DBrowser.fpi basic_ostream out-of-bounds readmedium🔒---
126987Guriddo Form PHP default.php cross site scriptinglow🔒---
126986Google gVisor shm.go access controlmedium🔒---
126985S-Cms cross-site request forgery [CVE-2018-19332]low🔒---
126984S-Cms search.php sql injectionmedium🔒---
126983GreenCMS access control [CVE-2018-19329]low🔒---
126982LAOBANCMS mysql_hy.php path traversalmedium🔒---
126981JTBC(PHP) cross-site request forgery [CVE-2018-19327]low🔒---
126980ZyXEL VMG1312-B10D path traversal [CVE-2018-19326]medium🔒---
126979kimsQ Rb ?r=home&mod=mypage&page=info cross site scriptinglow🔒---
126978phpBB Admin Control Panel file_exists input validationmedium🔒--🔒
126977Lenovo ThinkServer BMC Firmware Download command injection [CVE-2018-9086]medium🔒---
126976Intel Server Platform Service default permission [CVE-2018-9085]medium🔒---
126975Lenovo Chassis Management Module hard-coded credentials [CVE-2018-9073]medium🔒---
126974Lenovo Chassis Management Module information disclosure [CVE-2018-9071]low🔒---
126973ZTE ZXHN F670 appviahttp Service credentials management [CVE-2018-7363]medium🔒---
126972ZTE ZXHN F670 Access Control access control [CVE-2018-7362]medium🔒---
126971ZTE ZXHN F670 null pointer dereference [CVE-2018-7361]low🔒---
126970ZTE ZXHN F670 appviahttp Service information disclosure [CVE-2018-7360]low🔒---
126969ZTE ZXHN F670 memory corruption [CVE-2018-7359]medium🔒---
126968SRCMS cross-site request forgery [CVE-2018-19319]low🔒---
126967SRCMS cross-site request forgery [CVE-2018-19318]low🔒---
126966Centreon sql injection [CVE-2018-19312]medium🔒---
126965Centreon cross site scripting [CVE-2018-19311]low🔒---
126964PHPMailer Object input validation [CVE-2018-19296]medium🔒--🔒
126963Linux Kernel Access Control user_namespace.c map_write input validationmedium🔒--🔒
126962School Equipment Monitoring System Login Screen user.vb sql injectionmedium🔒---
126961PointOfSales Login Screen LoginForm1.vb sql injectionmedium🔒---
126960Bakeshop Inventory System Login Screen publicfunction.vb sql injectionmedium🔒---
126959Curriculum Evaluation System Login Screen user.vb sql injectionmedium🔒---
126958BSEN Ordering Software sql injection [CVE-2018-18801]medium🔒---
126957School Attendance Monitoring System cross-site request forgerylow🔒---
126956School Attendance Monitoring System edit.php cross-site request forgerylow🔒---
126955Library Management System Search for Books sql injection [CVE-2018-18796]medium🔒---
126954School Event Management System index.php sql injectionmedium🔒---
126953School Event Management System cross-site request forgery [CVE-2018-18794]low🔒---
126952School Event Management System unrestricted upload [CVE-2018-18793]medium🔒---
126951SaltOS sql injection [CVE-2018-18763]medium🔒---
126950SaltOS sql injection [CVE-2018-18761]medium🔒---
126949RhinOS cross-site request forgery [CVE-2018-18760]low🔒---
126948Modbus Slave Tools memory corruption [CVE-2018-18759]medium🔒---
126947Local Server Service Port 4008 memory corruption [CVE-2018-18756]medium🔒---
126946K-iwi Framework update sql injectionmedium🔒---
126945IBM WebSphere Application Server Enterprise Bundle Archives path traversalmedium🔒---
126944Ruby Taint 7pk security [CVE-2018-16396]medium🔒--🔒
126943Ruby OpenSSL Library Name data processingmedium🔒--🔒
126942IBM Jazz Reporting Service Report Builder information disclosurelow🔒---
126941Dell EMC RSA BSAFE Micro Edition Suite Key Management key managementlow🔒---
126940Inova Partner improper authorization [CVE-2018-15693]medium🔒---
126939Inova Partner improper authorization [CVE-2018-15692]medium🔒---
126938Microsoft Team Foundation Server access control [CVE-2018-8529]medium🔒--🔒
126937CPU Multi-Threading information disclosure [CVE-2018-5407]medium🔒--🔒
126936tp4a Teleport Login Page cross site scripting [CVE-2018-19301]low🔒---
126935DiliCMS 1 cross-site request forgerylow🔒---
126934Valine PDF File injection [CVE-2018-19289]low🔒---
126933Zoho ManageEngine OpManager updateWidget API cross site scriptinglow🔒---
126932Ninja Forms Plugin Submissions.php cross site scriptinglow🔒---
126931Mubu Note Account Configuration cross site scripting [CVE-2018-19286]low🔒---
126930QEMU pnv_lpc.c pnv_lpc_do_eccb out-of-bounds readmedium🔒--🔒
126929Sonatype Nexus Repository Manager Java Expression Language code injectionmedium🔒---
126928Sonatype Nexus Repository Manager Access Control access controlmedium🔒---
126927Sonatype Nexus Repository Manager cross site scripting [CVE-2018-16619]low🔒---
126926IBM WebSphere Application Server Installation Verification cross site scriptinglow🔒--🔒
126925OpenDolphin access control [CVE-2018-16163]medium🔒---
126924OpenDolphin Credentials credentials management [CVE-2018-16162]low🔒---
126923OpenDolphin access control [CVE-2018-16161]medium🔒---
126922SecureCore Standard Edition improper authentication [CVE-2018-16160]medium🔒---
126921Polycom TriO Web Administration Console cross site scriptinglow🔒---
126920Polycom TriO Bluetooth Subsystem access control [CVE-2018-14934]medium🔒---
126919Eclipse Mosquitto Topic input validation [CVE-2018-12543]medium🔒--🔒
126918NetIQ Access Manager cross site scripting [CVE-2018-12480]low🔒---
126917BlueStacks App Player Access Restriction access control [CVE-2018-0701]medium🔒---
126916YukiWiki resource consumption [CVE-2018-0700]low🔒---
126915YukiWiki cross site scripting [CVE-2018-0699]low🔒---
126914Metabase cross site scripting [CVE-2018-0697]low🔒---
126913User-Friendly SVN cross site scripting [CVE-2018-0695]low🔒---
126912FileZen os command injection [CVE-2018-0694]medium🔒---
126911FileZen File Upload path traversal [CVE-2018-0693]medium🔒---
126910Baidu Browser DLL Loader untrusted search path [CVE-2018-0692]low🔒---
126909+Message App X.509 Certificate Validation certificate validationlow🔒---
126908Music Center for PC Software Update access control [CVE-2018-0690]medium🔒---
126907NEOJAPAN Denbun cross site scripting [CVE-2018-0687]low🔒---
126906NEOJAPAN Denbun unrestricted upload [CVE-2018-0686]medium🔒---
126905NEOJAPAN Denbun Mail Search sql injection [CVE-2018-0685]medium🔒---
126904NEOJAPAN Denbun multipart/form-data memory corruption [CVE-2018-0684]medium🔒---
126903NEOJAPAN Denbun Cookie memory corruption [CVE-2018-0683]medium🔒---
126902NEOJAPAN Denbun Session access control [CVE-2018-0682]medium🔒---
126901NEOJAPAN Denbun Management Page hard-coded credentials [CVE-2018-0681]medium🔒---
126900NEOJAPAN Denbun hard-coded credentials [CVE-2018-0680]medium🔒---
126899FXC FXC5210 Administrative Page cross site scripting [CVE-2018-0679]low🔒---
126898Cybozu Garoon path traversal [CVE-2018-0673]medium🔒---
126897HarfBuzz hb-ot-layout-gpos-table.hh out-of-bounds readlow🔒---
126896Apache Commons FileUpload DiskFileItem File privileges managementmedium🔒---
126895Google Android HTC Bootloader access control [CVE-2018-9580]medium🔒---
126894Google Android bta_hd_api.cc BTA_HdRegisterApp out-of-bounds writemedium🔒---
126893Google Android Bluetooth Service btif_hd.cc register_application out-of-bounds readmedium🔒---
126892Google Android Factory Reset f2fs_format_utils.c access controllow🔒---
126891Google Android avrc_pars_ct.cc avrc_pars_vendor_rsp out-of-bounds readmedium🔒---
126890Google Android Bluetooth Service avcr_pars_ct.cc avrc_pars_vendor_rsp out-of-bounds readmedium🔒---
126889Google Android avrc_pars_ct.c avrc_ctrl_pars_vendor_rsp out-of-bounds readmedium🔒---
126888Google Android ClearKey CAS Descrambler race condition [CVE-2018-9539]medium🔒---
126887Google Android Media Server aacdecode.cpp CAacDecoder_DecodeFrame out-of-bounds writemedium🔒---
126886Google Android libFDK out-of-bounds write [CVE-2018-9536]medium🔒---
126885Google Android ixheaacd_lpc.c ixheaacd_reset_acelp_data_fix out-of-bounds writemedium🔒---
126884Google Android ixheaacd_mps_parse.c ixheaacd_mps_getstridemap out-of-bounds writemedium🔒---
126883Google Android ixheaacd_create.c ixheaacd_dec_data_init memory corruptionmedium🔒---
126882Google Android ixheaacd_env_extr.c ixheaacd_extract_frame_info_ld out-of-bounds writemedium🔒---
126881Google Android tpdec_asc.cpp AudioSpecificConfig_Parse out-of-bounds writemedium🔒---
126880Google Android ixheaacd_aac_tns.c ixheaacd_tns_ar_filter_dec out-of-bounds writemedium🔒---
126879Google Android ixheaacd_channel.c ixheaacd_individual_ch_stream out-of-bounds writemedium🔒---
126878Google Android ixheaacd_overlap_add1.s ixheaacd_over_lap_add1_armv8 out-of-bounds writemedium🔒---
126877Google Android codebook.c vorbis_book_decodev_set out-of-bounds writemedium🔒---
126876Google Android Location information disclosure [CVE-2018-9526]low🔒---
126875Google Android com.android.settings.slice.action.WIFI_CHANGED AndroidManifest.xml SliceBroadcastReceiver permissionmedium🔒---
126874Google Android System UI access control [CVE-2018-9524]medium🔒---
126873Google Android Parcel.java Parcel.writeMapInternal input validationmedium🔒---
126872Google Android StatsLogEventWrapper.java serialization out-of-bounds writemedium🔒---
126871Google Android NuPlayer2CCDecoder.cpp parseMPEGCCData out-of-bounds writemedium🔒---
126870Google Android BluetoothPairingController.java onCheckedChanged permissionlow🔒---
126869Google Android eas_smf.c SMF_ParseMetaEvent input validationlow🔒---
126868ZTE ZXHN H168N Change Control improper authentication [CVE-2018-7358]medium🔒---
126867ZTE ZXHN H168N Access Control credentials management [CVE-2018-7357]medium🔒---
126866Google Chrome PWA Installation access control [CVE-2018-6083]medium🔒--🔒
126865Google Chrome FTP Port information disclosure [CVE-2018-6082]low🔒--🔒
126864Google Chrome Extension cross site scripting [CVE-2018-6081]low🔒--🔒
126863Google Chrome Instrumentation Log File access control [CVE-2018-6080]low🔒--🔒
126862Google Chrome WebGL information disclosure [CVE-2018-6079]low🔒--🔒
126861Google Chrome Omnibox input validation [CVE-2018-6078]medium🔒--🔒
126860Google Chrome Blink SVG Rendering information disclosure [CVE-2018-6077]low🔒--🔒
126859Google Chrome Blink DOM-Based cross site scriptinglow🔒--🔒
126858Google Chrome File Download information disclosure [CVE-2018-6075]low🔒--🔒
126857Google Chrome Download input validation [CVE-2018-6074]medium🔒--🔒
126856Google Chrome WebGL memory corruption [CVE-2018-6073]medium🔒--🔒
126855Google Chrome PDFium integer overflow [CVE-2018-6072]medium🔒--🔒
126854Google Chrome Skia integer overflow [CVE-2018-6071]medium🔒--🔒
126853Google Chrome Blink WebUI 7pk security [CVE-2018-6070]medium🔒--🔒
126852Google Chrome Skia memory corruption [CVE-2018-6069]medium🔒--🔒
126851Google Chrome Custom Tab Address input validationmedium🔒--🔒
126850Google Chrome Skia memory corruption [CVE-2018-6067]medium🔒--🔒
126849Google Chrome Blink information disclosure [CVE-2018-6066]medium🔒--🔒
126848Google Chrome v8 integer overflow [CVE-2018-6065]medium🔒--🔒
126847Google Chrome v8 __defineGetter__ type conversionmedium🔒--🔒
126846Google Chrome Mojo WrapSharedMemoryHandle out-of-bounds writemedium🔒--🔒
126845Google Chrome Skia out-of-bounds write [CVE-2018-6062]medium🔒--🔒
126844Google Chrome WebAssembly race condition [CVE-2018-6061]medium🔒--🔒
126843Google Chrome WebAudio use after free [CVE-2018-6060]medium🔒--🔒
126842Google Chrome Android ashmem 7pk security [CVE-2018-6057]medium🔒--🔒
126841NetApp StorageGRID Webscale access control [CVE-2018-5495]medium🔒---
126840Intel RAID Web Console 3 cross site scripting [CVE-2018-3699]low🔒---
126839Intel Ready Mode Technology Installer access control [CVE-2018-3698]low🔒---
126838Intel Media Server Studio Installer access control [CVE-2018-3697]medium🔒---
126837Intel RAID Web Console 3 improper authentication [CVE-2018-3696]low🔒---
126836Intel Rapid Store Technology input validation [CVE-2018-3635]medium🔒---
126835Intel Driver / Support Assistant information disclosure [CVE-2018-3621]low🔒---
126834Centreon SNMP Trap sql injection [CVE-2018-19281]medium🔒---
126833Centreon Poller Macro cross site scripting [CVE-2018-19280]low🔒---
126832PRIMX ZoneCentral ntfs File information disclosure [CVE-2018-19279]low🔒---
126831Digium Asterisk DNS SRV/NAPTR Lookup memory corruption [CVE-2018-19278]medium🔒--🔒
126830PHPOffice PhpSpreadsheet Encoding securityScan xml injectionmedium🔒---
126829Centreon main.php sql injectionmedium🔒---
126828payfort-php-SDK error.php cross site scriptinglow🔒---
126827payfort-php-SDK Echo error.php cross site scriptinglow🔒---
126826payfort-php-SDK success.php cross site scriptinglow🔒---
126825payfort-php-SDK Echo success.php cross site scriptinglow🔒---
126824payfort-php-SDK route.php cross site scriptinglow🔒---
126823CKeditor Paste cross site scripting [CVE-2018-17960]low🔒---
126822Google Chrome Extensions input validation [CVE-2018-17477]medium🔒--🔒
126821Google Chrome Cast UI Warning input validationmedium🔒--🔒
126820Google Chrome Navigation Address input validationmedium🔒--🔒
126819Google Chrome Blink HTMLImportsController use after freemedium🔒--🔒
126818Google Chrome Omnibox Address input validationmedium🔒--🔒
126817Google Chrome googlechrome:/ data processing [CVE-2018-17472]medium🔒--🔒
126816Google Chrome WebContents Warning input validationmedium🔒--🔒
126815Google Chrome PDFium out-of-bounds read [CVE-2018-17469]medium🔒--🔒
126814Google Chrome Blink information disclosure [CVE-2018-17468]low🔒--🔒
126813Google Chrome Omnibox input validation [CVE-2018-17467]medium🔒--🔒
126812Google Chrome Texture out-of-bounds read [CVE-2018-17466]medium🔒--🔒
126811Google Chrome v8 use after free [CVE-2018-17465]medium🔒--🔒
126810Google Chrome History Address input validationmedium🔒--🔒
126809Google Chrome v8 input validation [CVE-2018-17463]medium🔒--🔒
126808Google Chrome AppCache input validation [CVE-2018-17462]medium🔒--🔒
126807Nagios XI Reflected cross site scripting [CVE-2018-15714]low🔒---
126806Nagios XI users.php Persistent cross site scriptinglow🔒---
126805Nagios XI api_tool.php Reflected cross site scriptinglow🔒---
126804Nagios XI API Key access control [CVE-2018-15711]medium🔒---
126803Nagios XI Autodiscover_new.php command injectionmedium🔒---
126802Nagios XI command injection [CVE-2018-15709]medium🔒---
126801Nagios XI Snoopy 1.0 command injection [CVE-2018-15708]medium🔒---
126800Intel Parallel Studio XE Intel Trace Analyzer 2018 memory corruptionmedium🔒---
126799Microsoft Dynamics 365 input validation [CVE-2018-8609]medium🔒---
126798Microsoft Dynamics 365 cross site scripting [CVE-2018-8608]low🔒---
126797Microsoft Dynamics 365 cross site scripting [CVE-2018-8607]low🔒---
126796Microsoft Dynamics 365 cross site scripting [CVE-2018-8606]low🔒---
126795Microsoft Dynamics 365 cross site scripting [CVE-2018-8605]low🔒---
126794Microsoft Team Foundation Server cross site scripting [CVE-2018-8602]low🔒--🔒
126793Microsoft Azure App Service cross site scripting [CVE-2018-8600]low🔒---
126792Microsoft Windows Audio Service information disclosure [CVE-2018-8454]low🔒--🔒
126791Apache Hadoop ZIP File access control [CVE-2018-8009]medium🔒--🔒
126790Huawei Watch 2 improper authorization [CVE-2018-7926]medium🔒---
126789Huawei Smartphone Radio Module improper authorization [CVE-2018-7925]medium🔒---
126788Huawei Smartphone improper authentication [CVE-2018-7910]medium🔒---
126787VMware vRealize Log Insight User Registration improper authorizationmedium🔒--🔒
126786NVIDIA Graphics Driver GPU Performance Counter information disclosuremedium🔒---
126785SAP Fiori Client Log View code injection [CVE-2018-2491]low🔒---
126784SAP Fiori Client Broadcast Message access control [CVE-2018-2490]medium🔒---
126783SAP Fiori Client SSO Config access control [CVE-2018-2489]low🔒---
126782SAP Fiori Client Push Notification input validation [CVE-2018-2488]low🔒---
126781SAP Disclosure Management ZIP File information disclosure [CVE-2018-2487]medium🔒---
126780SAP Fiori Client Javascript API privileges management [CVE-2018-2485]medium🔒---
126779SAP Business Intelligence Platform Central Management Console input validationmedium🔒---
126778SAP Mobile Secure Android Application Mobile-secure.apk resource consumptionlow🔒---
126777SAP SAP_ABA Transaction Code access control [CVE-2018-2481]medium🔒---
126776SAP Business Intelligence cross site scripting [CVE-2018-2479]low🔒---
126775SAP TREX/BWA/Basis input validation [CVE-2018-2478]medium🔒---
IDTitleVulDBCVSSSecuniaXForceNessus
126774SAP Knowledge Management xml injection [CVE-2018-2477]medium🔒---
126773SAP NetWeaver redirect [CVE-2018-2476]medium🔒---
126772SAP Business Intelligence Web Intelligence Richclient 3 data processinglow🔒---
126771Micro Focus Service Manager information disclosure [CVE-2018-18591]low🔒---
126770IBM WebSphere Commerce input validation [CVE-2018-1808]medium🔒---
126769IBM WebSphere MQ code injection [CVE-2018-1792]medium🔒---
126768Losant Arduino MQTT Client memory corruption [CVE-2018-17614]medium🔒---
126767Apache Qpid Proton-J Transport Certificate Verification certificate validationmedium🔒---
126766PostgreSQL pg_dump sql injectionmedium🔒--🔒
126765Rack Request cross site scriptinglow🔒--🔒
126764Rack Multipart Parser resource consumption [CVE-2018-16470]low🔒--🔒
126763Pivotal CredHub Service Broker Random Number Generator weak prngmedium🔒---
126762Dell EMC RecoverPoint/RecoverPoint for VMs Boxmgmt CLI resource consumptionlow🔒---
126761Dell EMC RecoverPoint/RecoverPoint for Virtual Machines Boxmgmt CLI information disclosurelow🔒---
126760Cisco Advanced Malware Protection DLL Loader uncontrolled search pathmedium🔒---
126759JBoss KeyCloak Login/Logout redirect [CVE-2018-14658]medium🔒--🔒
126758KeyCloak TOPT 7pk security [CVE-2018-14657]medium🔒--🔒
126757KeyCloak cross site scripting [CVE-2018-14655]low🔒--🔒
126756TIBCO DataSynapse GridServer Manager Broker/Director cross-site request forgerylow🔒---
126755Microsoft .NET Core input validation [CVE-2018-8416]medium🔒--🔒
126754Microsoft Skype for Business/Lync Server Emoji input validationlow🔒--🔒
126753Microsoft Windows MSRPC information disclosure [CVE-2018-8407]low🔒--🔒
126752Microsoft Windows Physical Installation access control [CVE-2018-8592]medium🔒--🔒
126751Microsoft Windows Win32k access control [CVE-2018-8589]medium🔒--🔒
126750Microsoft Windows ALPC access control [CVE-2018-8584]medium🔒--🔒
126749Microsoft Exchange Server access control [CVE-2018-8581]medium🔒--🔒
126748Microsoft Office Outlook Message information disclosure [CVE-2018-8579]low🔒---
126747Microsoft SharePoint Enterprise Server Folder information disclosurelow🔒--🔒
126746Microsoft Outlook memory corruption [CVE-2018-8576]medium🔒--🔒
126745Microsoft Project memory corruption [CVE-2018-8575]medium🔒--🔒
126744Microsoft Office Word memory corruption [CVE-2018-8573]medium🔒--🔒
126743Microsoft SharePoint Enterprise Server access control [CVE-2018-8572]low🔒--🔒
126742Microsoft SharePoint Enterprise Server access control [CVE-2018-8568]low🔒--🔒
126741Microsoft Edge access control [CVE-2018-8567]medium🔒--🔒
126740Microsoft Windows BitLocker Security Feature 7pk security [CVE-2018-8566]medium🔒--🔒
126739Microsoft Windows Win32k information disclosure [CVE-2018-8565]low🔒--🔒
126738Microsoft Edge input validation [CVE-2018-8564]medium🔒--🔒
126737Microsoft Windows DirectX information disclosure [CVE-2018-8563]low🔒--🔒
126736Microsoft Windows Win32k access control [CVE-2018-8562]medium🔒--🔒
126735Microsoft Windows DirectX access control [CVE-2018-8561]medium🔒--🔒
126734Microsoft Office information disclosure [CVE-2018-8558]low🔒---
126733Microsoft Windows DirectX access control [CVE-2018-8554]medium🔒--🔒
126732Microsoft Internet Explorer VBScript Scripting Engine memory corruptionlow🔒--🔒
126731Microsoft Windows Security Feature 7pk security [CVE-2018-8549]medium🔒--🔒
126730Microsoft Windows Active Directory Federation Services cross site scriptinglow🔒--🔒
126729Microsoft Edge information disclosure [CVE-2018-8545]low🔒--🔒
126728Microsoft Office/SharePoint Word memory corruption [CVE-2018-8539]medium🔒--🔒
126727Microsoft Outlook memory corruption [CVE-2018-8524]medium🔒--🔒
126726Microsoft Outlook memory corruption [CVE-2018-8522]medium🔒--🔒
126725Microsoft Windows DirectX access control [CVE-2018-8485]medium🔒--🔒
126724Microsoft Windows RemoteFX Virtual GPU Miniport Driver access controlmedium🔒--🔒
126723Microsoft Windows JScript Security Feature access control [CVE-2018-8417]medium🔒--🔒
126722Microsoft Windows PowerShell code injection [CVE-2018-8415]medium🔒--🔒
126721Microsoft Windows Kernel information disclosure [CVE-2018-8408]low🔒--🔒
126720Microsoft Internet Explorer memory corruption [CVE-2018-8570]medium🔒--🔒
126719Microsoft Windows COM Aggregate Marshaler access control [CVE-2018-8550]medium🔒--🔒
126718Microsoft Windows Search access control [CVE-2018-8450]medium🔒--🔒
126717Microsoft Outlook input validation [CVE-2018-8582]medium🔒--🔒
126716Microsoft Office Excel memory corruption [CVE-2018-8577]medium🔒--🔒
126715Microsoft Office Excel memory corruption [CVE-2018-8574]medium🔒--🔒
126714Microsoft Windows PowerShell access control [CVE-2018-8256]medium🔒--🔒
126713Microsoft Windows VBScript Engine use after free [CVE-2018-8544]medium🔒--🔒
126712Microsoft Windows Graphics Component memory corruption [CVE-2018-8553]medium🔒--🔒
126711Microsoft Windows Deployment Services TFTP Server memory corruptionmedium🔒--🔒
126710Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126709Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126708Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126707Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126706Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126705Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126704Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126703Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
126702PHP-Proxy config.php information disclosurelow🔒---
126701Charles Import/Export xml external entity reference [CVE-2018-19244]medium🔒---
126700Thomson TCW710 RgUrlBlock.asp Persistent cross site scritinglow🔒---
126699Thomson TCW710 RgDhcp Persistent cross site scritinglow🔒---
126698Thomson TCW710 RgDdns Persistent cross site scritinglow🔒---
126697Thomson TCW710 RgTime Persistent cross site scritinglow🔒---
126696Thomson TCW710 RGFirewallEL Persistent cross site scritinglow🔒---
126695Thomson TCW710 wlanPrimaryNetwork Persistent cross site scritinglow🔒---
126694LAOBANCMS cross site scripting [CVE-2018-19229]low🔒---
126693LAOBANCMS pic.php path traversalmedium🔒---
126692LAOBANCMS liuyan.php cross site scriptinglow🔒---
126691LAOBANCMS admin.txt information disclosurelow🔒---
126690LAOBANCMS mima.php cross-site request forgerylow🔒---
126689LAOBANCMS Cookie login.php input validationmedium🔒---
126688LAOBANCMS cross site scripting [CVE-2018-19223]low🔒---
126687LAOBANCMS access control [CVE-2018-19222]medium🔒---
126686LAOBANCMS login.php sql injectionmedium🔒---
126685LAOBANCMS code injection [CVE-2018-19220]medium🔒---
126684LibSass operator input validationlow🔒---
126683LibSass parse_css_variable_value_token out-of-bounds readlow🔒---
126682ncurses _nc_name_match null pointer dereferencelow🔒---
126681Netwide Assembler preproc.c detoken use after freemedium🔒---
126680Netwide Assembler preproc.c expand_mmac_params out-of-bounds readmedium🔒---
126679Netwide Assembler preproc.c expand_mmac_params out-of-bounds readmedium🔒---
126678Netwide Assembler malloc.c nasm_malloc resource managementlow🔒---
126677libwebm InitWebmParser input validationlow🔒---
126676ncurses parse_entry.c _nc_parse_entry null pointer dereferencelow🔒--🔒
126675LibTIFF tif_dirwrite.c TIFFWriteDirectorySec null pointer dereferencelow🔒--🔒
126674Netwide Assembler labels.c find_label null pointer dereferencelow🔒---
126673libwpd WP6ContentListener.cpp defineTable null pointer dereferencelow🔒--🔒
126672Van Ons WP GDPR Compliance Plugin $wpdb->prepare direct requestmedium🔒--🔒
126671RoundCube func.inc cross site scriptinglow🔒--🔒
126670RoundCube GnuPG MDC Integrity-Protection Warning enigma_driver_gnupg.php information disclosurelow🔒---
126669PRTG Network Monitor HTTP Advanced Sensor HttpAdvancedSensor.exe access controlmedium🔒---
126668PRTG Network Monitor PRTG Core Server Service input validationlow🔒---
126667uriparser UriCommon.c uriResetUri null pointer dereferencelow🔒--🔒
126666uriparser UriQuery.c uriComposeQueryEx integer overflowmedium🔒--🔒
126665uriparser UriQuery.c uriComposeQueryEx out-of-bounds writemedium🔒--🔒
126664IBM Case Manager path traversal [CVE-2018-1884]medium🔒---
126663IBM Spectrum Protect dsmc/dsmcad resource management [CVE-2018-1786]low🔒--🔒
126662XiaoCms database.php path traversallow🔒---
126661XiaoCms uploadfile.php code injectionmedium🔒---
126660XiaoCms show_product.html cross site scriptinglow🔒---
126659XiaoCms Error Message Path information disclosurelow🔒---
126658XiaoCms New News Screen cross site scripting [CVE-2018-19193]low🔒---
126657XiaoCms cross-site request forgery [CVE-2018-19192]low🔒---
126656libIEC61850 ber_encoder.c BerEncoder_encodeOctetString memory corruptionmedium🔒---
126655Go Ethereum runner.go null pointer dereferencemedium🔒---
126654ethereumjs-vm memory corruption [CVE-2018-19183]low🔒---
126653Py-EVM vm.execute_bytecode memory corruptionmedium🔒---
126652IBM WebSphere Application Server SIBMsgMigration Utility cross site scriptinglow🔒---
126651YUNUCMS Local.class.php path traversalmedium🔒---
126650YUNUCMS Install.php code injectionmedium🔒---
126649JEESNS XssHttpServletRequestWrapper.java Stored cross site scriptinglow🔒---
126648JPress Input Fields setting Stored cross site scriptinglow🔒---
126647FruityWifi mod_name save.php command injectionmedium🔒---
126646pdfforge PDF Architect pdmodel.dll PDMODELProvidePDModelHFT memory corruptionmedium🔒---
126645Poppler _poppler_attachment_new null pointer dereferencelow🔒--🔒
126644Caddy X.509 Certificate information disclosure [CVE-2018-19148]low🔒---
126643Open Ticket Request System access control [CVE-2018-19143]medium🔒--🔒
126642Open Ticket Request System cross site scripting [CVE-2018-19142]low🔒---
126641Open Ticket Request System URL cross site scripting [CVE-2018-19141]low🔒--🔒
126640ClipperCMS files cross-site request forgerylow🔒---
126639IObit Malware Fighter IOCTL RegFilter.sys memory corruptionmedium🔒---
126638IObit Malware Fighter IOCTL RegFilter.sys memory corruptionmedium🔒---
126637IObit Malware Fighter IOCTL RegFilter.sys memory corruptionmedium🔒---
126636IObit Malware Fighter IOCTL RegFilter.sys memory corruptionmedium🔒---
126635ZyXEL ZyWALL USG zysh-cgi cross-site request forgerylow🔒---
126634S-Cms Search search.php cross site scriptinglow🔒---
126633Jasper jas_malloc.c jpc_unk_getparms resource managementlow🔒--🔒
126632WSTMart add.html cross-site request forgerylow🔒---
126631DomainMod ip-address.php cross site scriptinglow🔒---
126630DomainMod registrar-account.php cross site scriptinglow🔒---
126629Flarum Core Email information disclosure [CVE-2018-19133]low🔒---
126628Squid Web Proxy SNMP resource management [CVE-2018-19132]low🔒--🔒
126627Squid Web Proxy X.509 Certificate cross site scripting [CVE-2018-19131]low🔒--🔒
126626libav libavcodec vc1dec.c vc1_decode_frame memory corruptionlow🔒---
126625libav mpegaudiodsp_template.c ff_mpa_synth_filter_float null pointer dereferencelow🔒---
126624libavcodec AVI File lcldec.c decode_frame memory corruptionmedium🔒---
126623PHPCMS 2008 Cache File type.php code injectionmedium🔒---
126622PrestaShop unrestricted upload [CVE-2018-19126]medium🔒---
126621PrestaShop access control [CVE-2018-19125]low🔒---
126620PrestaShop input validation [CVE-2018-19124]medium🔒---
126619libIEC61850 ethernet_bsd.c Ethernet_sendPacket null pointer dereferencelow🔒---
126618libIEC61850 ethernet_bsd.c Ethernet_receivePacket null pointer dereferencemedium🔒---
126617IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1872]low🔒---
126616Sennheiser HeadSetup Certificates SennComCCKey.pem Key certificate validationlow🔒---
126615Cloud Foundry Hashing cryptographic issues [CVE-2018-15796]medium🔒---
126614PowerDNS Recursor DNSSEC Validator input validation [CVE-2018-14644]low🔒--🔒
126613IBM DB2 FGAC Control information disclosure [CVE-2018-1857]medium🔒---
126612IBM Cognos Analytics Configuration Tool signature verificationmedium🔒---
126611IBM DB2 link following [CVE-2018-1834]medium🔒---
126610IBM DB2 Shared Libraries access control [CVE-2018-1802]medium🔒---
126609IBM DB2 input validation [CVE-2018-1799]medium🔒---
126608IBM DB2 link following [CVE-2018-1781]medium🔒---
126607IBM DB2 link following [CVE-2018-1780]medium🔒---
126606IBM API Connect Developer Portal code injection [CVE-2018-1774]medium🔒---
126605IBM WebSphere MQ MQTT input validation [CVE-2018-1684]low🔒---
126604IBM Marketing Operations Error Message information disclosurelow🔒---
126603IBM Campaign input validation [CVE-2016-9749]medium🔒---
126602Telexy QPath AdanitDataService.svc access controlmedium🔒---
126601Brocade Fabric OS Webtools Firmware Update command injectionmedium🔒---
126600Brocade Fabric OS Secure Shell access control [CVE-2018-6441]medium🔒---
126599Brocade Fabric OS Command Line Interface access control [CVE-2018-6438]medium🔒---
126598Brocade Fabric OS Command Line Interface access control [CVE-2018-6437]medium🔒---
126597Brocade Fabric OS Command Line Interface access control [CVE-2018-6436]medium🔒---
126596Brocade Fabric OS Command Line Interface access control [CVE-2018-6435]medium🔒---
126595Brocade Fabric OS Web Management Interface session fixiationmedium🔒---
126594Brocade Fabric OS secryptocfg input validation [CVE-2018-6433]medium🔒---
126593keepalived html.c memory corruption [CVE-2018-19115]medium🔒--🔒
126592MinDoc attach_#.jpg access controlmedium🔒---
126591keepalived Temp File keepalived.data information disclosurelow🔒--🔒
126590keepalived Temp File PrintStats information disclosurelow🔒--🔒
126589keepalived keepalived.data PrintStats link followinglow🔒--🔒
126588Cisco Prime Service Catalog Web-based Management Interface cross site scriptinglow🔒---
126587Cisco Prime Collaboration Assurance Web-based UI input validationmedium🔒---
126586Cisco Video Surveillance Media Server Web-based Management Interface input validationlow🔒---
126585Cisco Registered Envelope Service information disclosure [CVE-2018-15448]low🔒---
126584Cisco Integrated Management Controller Web Framework sql injectionmedium🔒---
126583Cisco Meeting Server information disclosure [CVE-2018-15446]low🔒---
126582Cisco Energy Management Suite Web-based Management Interface cross-site request forgerylow🔒---
126581Cisco Energy Management Suite Web-based User Interface xml external entity referencemedium🔒---
126580Cisco Firepower System Software Detection Engine resource consumptionmedium🔒---
126579Cisco Small Business Switches hard-coded credentials [CVE-2018-15439]medium🔒---
126578Cisco Immunet/Advanced Malware Protection System Scan 7pk securitymedium🔒---
126577Cisco Stealthwatch Enterprise Management Console access controlmedium🔒---
126576Cisco Content Security Management Appliance Web-based Management Interface cross site scriptinglow🔒---
126575Cisco Unity Express deserialization [CVE-2018-15381]high🔒---
126574Apache Hive improper authorization [CVE-2018-1314]medium🔒---
126573Apache Hive HiveServer2 improper authorization [CVE-2018-11777]medium🔒---
126572Cisco Meraki MR/Meraki MS/Meraki MX/Meraki Z1/Meraki Z3 Local Status Page access controlmedium🔒---
126571Google Cardboard information disclosure [CVE-2018-19111]medium🔒---
126570tianti skin-management list skinList access controlmedium🔒---
126569tianti Permission list access controlmedium🔒---
126568Exiv2 PSD Image Reader psdimage.cpp readMetadata integer overflowmedium🔒---
126567Exiv2 PSD Image Reader iptc.cpp decode integer overflowmedium🔒---
126566LibreCAD File out-of-bounds write [CVE-2018-19105]low🔒---
126565BageCMS index.php cross-site request forgerylow🔒---
126564Apache Superset Pickle Library load deserializationmedium🔒---
126563libIEC61850 client_control.c ControlObjectClient_setCommandTerminationHandler access control [Disputed]medium🔒---
126562YzmCMS cross site scripting [CVE-2018-19092]low🔒---
126561tianti User Management Module list Reflected cross site scriptinglow🔒---
126560tianti Article Management Module Stored cross site scriptinglow🔒---
126559tianti save_role Stored cross site scriptinglow🔒---
126558WeCenter index.tpl.html htmlspecialchars_decode cross site scriptinglow🔒---
126557Foscam Opticam i5 ONVIF devicemgmt SetDNS memory corruption [CVE-2018-19082]medium🔒---
126556Foscam Opticam i5 ONVIF devicemgmt SetDNS os command injectionmedium🔒---
126555Foscam Opticam i5 ONVIF devicemgmt SetHostname Persistent cross site scriptinglow🔒---
126554Foscam Opticam i5 ONVIF devicemgmt SystemReboot input validationlow🔒---
126553Foscam Opticam i5 ONVIF media GetStreamUri Credentials credentials managementlow🔒---
126552Foscam Opticam i5 RTSP out-of-bounds read [CVE-2018-19077]low🔒---
126551Foscam C2/Opticam i5 FTP/RTSP improper authentication [CVE-2018-19076]medium🔒---
126550Foscam C2/Opticam i5 Firewall Feature information disclosuremedium🔒---
126549Foscam C2/Opticam i5 Firewall Feature access control [CVE-2018-19074]medium🔒---
126548Foscam C2/Opticam i5 ProductConfig.xml os command injectionmedium🔒---
126547Foscam C2/Opticam i5 app access controlmedium🔒---
126546Foscam C2/Opticam i5 boot.sh access controlmedium🔒---
126545Foscam C2/Opticam i5 CGIProxy.fcgi addAccount os command injectionmedium🔒---
126544Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19069]medium🔒---
126543Foscam C2/Opticam i5 7pk security [CVE-2018-19068]low🔒---
126542Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19067]medium🔒---
126541Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19066]medium🔒---
126540Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19065]medium🔒---
126539Foscam C2/Opticam i5 FTP credentials management [CVE-2018-19064]medium🔒---
126538Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19063]medium🔒---
126537DeDeCMS co_do.php sql injectionmedium🔒---
126536Poppler GooString.h null pointer dereferencelow🔒--🔒
126535Poppler FileSpec.cc save2 out-of-bounds readmedium🔒--🔒
126534Poppler Object.h save2 input validationlow🔒--🔒
126533SimpleMDE cross site scripting [CVE-2018-19057]low🔒---
126532Pandao Editor.md DOM-Based cross site scripting [CVE-2018-19056]low🔒---
126531PbootCMS code injection [CVE-2018-19053]medium🔒---
126530lighttpd mod_alias_physical_handler mod_alias.c path traversalmedium🔒--🔒
126529MetInfo cross site scripting [CVE-2018-19051]low🔒---
126528MetInfo cross site scripting [CVE-2018-19050]low🔒---
126527mPDF Web Application getImage server-side request forgerymedium🔒---
126526Micro Focus Operations Bridge Containerized Suite information disclosuremedium🔒---
126525nginx ngx_http_mp4_module information disclosure [CVE-2018-16845]low🔒--🔒
126524nginx HTTP2 resource consumption [CVE-2018-16844]low🔒--🔒
126523nginx HTTP2 resource consumption [CVE-2018-16843]low🔒--🔒
126522axTLS PKCS #1 x509.c sig_verify Impersonation signature verificationmedium🔒---
126521axTLS PKCS #1 x509.c sig_verify Impersonation signature verificationmedium🔒---
126520axTLS ASN.1 x509.c sig_verify signature verificationlow🔒---
126519Google Android hid-debug.c chap_server_compute_md5 out-of-bounds writemedium🔒--🔒
126518Google Android WiFi WifiStateMachine.java sendNetworkStateChangeBroadcast information disclosurelow🔒---
126517Google Android SELinux access control [CVE-2018-9488]medium🔒---
126516Google Android binder.c task_get_unused_fd_flags use after freemedium🔒---
126515Google Android Attachment.java Attachment path traversalmedium🔒---
126514Google Android RootWindowContainer.java computeFocusedWindow access controlmedium🔒---
126513Google Android sdp_utils.cc sdpu_extract_attr_seq out-of-bounds readmedium🔒---
126512Google Android bnep_main.cc bnep_data_ind out-of-bounds readmedium🔒---
126511Google Android avdt_msg.cc avdt_msg_prs_cfg out-of-bounds readlow🔒---
126510Google Android ResourceTypes.cpp load out-of-bounds readlow🔒---
126509Google Android avrc_api.cc avrc_proc_vendor_command out-of-bounds writemedium🔒---
126508Google Android avct_bcb_act.cc avct_bcb_msg_ind out-of-bounds readmedium🔒---
126507Google Android smp_br_main.cc smp_br_state_machine_event out-of-bounds writemedium🔒---
126506Google Android USB Device Utils.cpp readMetadata path traversallow🔒---
126505Google Android ih264d_api.c ih264d_video_decode resource consumptionlow🔒---
126504Google Android WiFi VPN access control [CVE-2018-9438]low🔒---
126503Google Android ID3.cpp out-of-bounds readmedium🔒---
126502Google Android bnep_main.cc bnep_data_ind out-of-bounds readmedium🔒---
126501Google Android OMXNodeInstance.cpp CopyToOMX out-of-bounds writemedium🔒---
126500Google Android futex.c get_futex_key use after freemedium🔒--🔒
126499Google Android bus.c driver_override_show double freemedium🔒--🔒
126498Google Android bus.c driver_override_store out-of-bounds writemedium🔒--🔒
126497Google Android Bluetooth vmacache.c hidp_process_report integer overflowmedium🔒--🔒
126496Google Android InboundSmsHandler.java processMessagePart input validationlow🔒---
126495Google Android l2c_main.cc process_l2cap_cmd out-of-bounds readmedium🔒---
126494Google Android l2c_main.cc process_l2cap_cmd out-of-bounds readmedium🔒---
126493Google Android l2c_main.cc process_l2cap_cmd out-of-bounds readmedium🔒---
126492Google Android gatt_sc.cc gatts_process_attribute_req information disclosuremedium🔒---
126491Google Android bnep_api.cc BNEP_Write out-of-bounds writemedium🔒---
126490Google Android bnep_main.c bnep_data_ind double freemedium🔒---
126489Google Android bta_dm_act.cc bta_dm_sdp_result out-of-bounds writemedium🔒---
126488Apache Syncope BPMN Definition xml external entity referencemedium🔒---
126487Apache Syncope cross site scripting [CVE-2018-17184]low🔒---
126486Texas Instruments BLE-STACK memory corruption [CVE-2018-16986]medium🔒---
126485IBM Rational Collaborative Lifecycle Management HSTS information disclosurelow🔒---
126484Knightjs path traversal [CVE-2018-16475]medium🔒---
126483tianma-static Module Stored cross site scripting [CVE-2018-16474]low🔒---
126482takeapeek Module path traversal [CVE-2018-16473]low🔒---
126481cached-path-relative input validation [CVE-2018-16472]low🔒---
126480IBM Rational Collaborative Lifecycle Management Error Message information disclosurelow🔒---
126479RichFaces Framework org.ajax4jsf.resource.UserResource$UriData code injectionmedium🔒--🔒
126478TIBCO Enterprise Messaging Service emsca cross-site request forgerylow🔒---
126477TIBCO RendezVous rvrd/rvrsd/rvsd/rvcache/rvdm cross-site request forgerylow🔒---
126476TIBCO Messaging - Apache Kafka Distribution - Schema Repository tibschemad cross-site request forgerylow🔒---
126475TIBCO FTL tibrealmserver cross-site request forgery [CVE-2018-12412]low🔒---
126474TIBCO ActiveSpaces tibdgadmind cross-site request forgery [CVE-2018-12411]low🔒---
126473i18n Gem hash.rb input validationlow🔒--🔒
126472Zoho ManageEngine Network Configuration Manager/OpManager ProcessRequest.do xml external entity referencemedium🔒---
126471osCommerce Blacklist Filter .htaccess input validationmedium🔒---
126470osCommerce Blacklist Filter .htaccess input validationmedium🔒---
126469osCommerce Blacklist Filter .htaccess input validationmedium🔒---
126468Degrau Publicidade e Internet Plataforma de E-Commerce Busca.aspx.cs sql injectionmedium🔒---
126467libIEC61850 goose_publisher.c prepareGooseBuffer memory corruptionmedium🔒---
126466Suricata SMTP Parser util-decode-mime.c ProcessMimeEntity input validationlow🔒--🔒
126465Omron CX-Supervisor Project File type conversion [CVE-2018-17913]medium🔒---
126464Omron CX-Supervisor Project File use after free [CVE-2018-17909]medium🔒---
126463Omron CX-Supervisor information disclosure [CVE-2018-17907]medium🔒---
126462Omron CX-Supervisor Project File memory corruption [CVE-2018-17905]medium🔒---
126461SourceTree Git Subrepository command injection [CVE-2018-13397]medium🔒---
126460SourceTree Git Subrepository command injection [CVE-2018-13396]medium🔒---
126459jQuery Picture Cut File Upload unrestricted upload [CVE-2018-9208]medium🔒---
126458JEECMS cross site scripting [CVE-2018-18952]low🔒---
126457KindEditor upload_json.php path traversalmedium🔒---
126456Zoho ManageEngine OpManager Mail Server Settings sql injectionmedium🔒---
126455BaserCMS edit cross site scriptinglow🔒---
126454BaserCMS ThemeConfig.php input validationmedium🔒---
126453WUZHI CMS Stored cross site scripting [CVE-2018-18939]low🔒---
126452WUZHI CMS Stored cross site scripting [CVE-2018-18938]low🔒---
126451libIEC61850 ied_connection.c ClientDataSet_getValues null pointer dereferencelow🔒---
126450PopojiCMS admin_library.php path traversal [CVE-2018-18936]medium🔒---
126449PopojiCMS cross-site request forgery [CVE-2018-18935]low🔒---
126448PopojiCMS admin_component.php unrestricted uploadmedium🔒---
126447Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds readmedium🔒---
126446International Components for Unicode number_decimalquantity.cpp toScientificString integer overflowmedium🔒--🔒
126445PublicCMS cross site scripting [CVE-2018-18927]low🔒---
126444Gitea Session ID session session fixiationmedium🔒---
126443Gogs Session ID session session fixiationmedium🔒---
126442ProjeQtOr image-upload input validation [CVE-2018-18924]medium🔒---
126441WP Editor.MD Plugin cross site scripting [CVE-2018-18919]low🔒---
126440xhEditor SRC Attribute cross site scripting [CVE-2018-18909]low🔒---
126439Vanilla code injection [CVE-2018-18903]medium🔒---
126438Waimai Super CMS cross-site request forgery [CVE-2018-14014]medium🔒---
126437Schneider Electric Software Update DLL uncontrolled search pathmedium🔒---
126436Schneider Electric Modicon M221 IPv4 Config insufficient verification of data authenticitymedium🔒---
126435Yi Home Camera 27US UDP Packet resource consumption [CVE-2018-3935]low🔒---
126434Yi Home Camera 27US UDP Packet key management [CVE-2018-3934]medium🔒---
126433Yi Home Camera 27US 7-zip File input validation [CVE-2018-3920]medium🔒---
126432Yi Home Camera 27US QR Code Scanner memory corruption [CVE-2018-3899]medium🔒---
126431Yi Home Camera 27US QR Code Scanner memory corruption [CVE-2018-3898]medium🔒---
126430Yi Home Camera 27US memory corruption [CVE-2018-3892]medium🔒---
126429Yi Home Camera 27US SD Card input validation [CVE-2018-3891]medium🔒---
126428Yi Home Camera 27US SD Card command injection [CVE-2018-3890]medium🔒---
126427Exiv2 image.cpp printIFDStructure resource consumptionlow🔒---
126426Poppler GfxState.cc setDisplayProfile resource managementlow🔒--🔒
126425IBM Robotic Process Automation with Automation Anywhere information disclosurelow🔒---
126424IBM Robotic Process Automation with Automation Anywhere Password information disclosurelow🔒---
126423IBM Robotic Process Automation with Automation Anywhere Control Room Log File log filelow🔒---
126422IBM Rational Engineering Lifecycle Manager XML Data xml external entity referencemedium🔒---
126421IBM Daeja ViewONE XML Data xml external entity reference [CVE-2018-1835]medium🔒---
126420Circontrol CirCarLife PAP Credential Storage Log credentials managementlow🔒---
126419Circontrol CirCarLife URL improper authentication [CVE-2018-17918]medium🔒---
126418InduSoft Web Studio/Aveva InTouch Edge HMI memory corruptionmedium🔒---
126417InduSoft Web Studio/Aveva InTouch Edge HMI access control [CVE-2018-17914]medium🔒---
126416CASE Suite Parameter Entity xml external entity reference [CVE-2018-17912]medium🔒---
126415IBM Spectrum Protect Trace Log log file [CVE-2018-1788]low🔒--🔒
126414openstack-mistral information disclosure [CVE-2018-16849]low🔒---
126413QEMU NVM Express Controller Emulator out-of-bounds read [CVE-2018-16847]medium🔒--🔒
126412Pivotal Operations Manager access control [CVE-2018-15762]medium🔒---
126411IBM Robotic Process Automation with Automation Anywhere File Upload unrestricted uploadmedium🔒---
126410Dell EMC Integrated Data Protection Appliance hard-coded credentialsmedium🔒---
126409IBM Quality Manager Web UI cross site scripting [CVE-2017-1609]low🔒---
126408Xiph Icecast URL Authentication memory corruption [CVE-2018-18820]medium🔒--🔒
126407Green Electronics RainMachine Mini-8/Touch HD 12 Web Application API Page input validationmedium🔒---
126406Green Electronics RainMachine Mini-8/Touch HD 12 Web Application HTTP Header improper authenticationmedium🔒---
126405Green Electronics RainMachine Mini-8/Touch HD 12 Web Application REST API cross-site request forgerylow🔒---
126404Green Electronics RainMachine Mini-8/Touch HD 12 Web Application REST API Persistent cross site scriptinglow🔒---
126403Green Electronics RainMachine Mini-8 Add New Weather Data Source code injectionmedium🔒---
126402Green Electronics RainMachine Mini-8 TOTP Hash credentials managementmedium🔒---
126401SDL2_image XCF Image memory corruption [CVE-2018-3977]medium🔒--🔒
126400Yi Home Camera 27US Phone-to-Camera Communication information disclosurelow🔒---
126399Yi Home Camera 27US access control [CVE-2018-3928]medium🔒---
126398Yi Home Camera 27US OTA Setup command injection [CVE-2018-3910]medium🔒---
126397Yi Home Camera 27US QR Code Scanner memory corruption [CVE-2018-3900]medium🔒---
126396Microstrategy Web mstrWeb path traversalmedium🔒---
126395Microstrategy Web admin.asp cross site scriptinglow🔒---
126394Microstrategy Web Login.asp cross site scriptinglow🔒---
126393IObit Malware Fighter IOCTL RegFilter.sys memory corruptionmedium🔒---
126392M2SOFT Report Designer Viewer MRD File memory corruption [CVE-2018-18695]medium🔒---
126391Red Hat GlusterFS resource management [CVE-2018-14660]low🔒--🔒
126390NetGain Enterprise Manager os command injection [CVE-2018-10587]medium🔒---
126389NetGain Enterprise Manager Stored cross site scripting [CVE-2018-10586]low🔒---
126388ZTE ZXR10 8905E TCP ISN 7pk security [CVE-2018-7356]medium🔒---
126387Cisco ASA/Firepower Threat Defense Session Initiation Protocol input validationlow🔒--🔒
126386PowerDNS Authoritative Server Zone integer overflow [CVE-2016-2120]medium🔒--🔒
126385miniCMS install.php code injectionmedium🔒---
126384miniCMS improper authentication [CVE-2018-18891]medium🔒---
126383miniCMS Path path traversal [CVE-2018-18890]low🔒---
126382laravelCMS ProfileController.php unrestricted uploadmedium🔒---
126381X-CMS PHP member_news.php sql injectionmedium🔒---
126380Xen null pointer dereference [CVE-2018-18883]medium🔒--🔒
126379nc-cms Upload unrestricted upload [CVE-2018-18874]medium🔒---
126378Jasper ras_enc.c ras_putdatastd null pointer dereferencelow🔒--🔒
126377EmpireCMS ecmscom.php path traversalmedium🔒---
126376No-CMS Persistent cross site scripting [CVE-2018-18868]low🔒---
126375Tecrail Responsive FileManager Incomplete Fix upload.php server-side request forgerymedium🔒---
126374Lightbend Spray spray-json Hash Code resource consumption [CVE-2018-18854]low🔒---
126373Lightbend Spray spray-json Field Parser Complexity resource consumptionlow🔒---
126372IBM WebSphere Application Server Liberty RP Service deserializationmedium🔒---
126371cURL tool_msgs.c voutf out-of-bounds readmedium🔒--🔒
126370cURL Easy Curl_close use after freemedium🔒--🔒
126369cURL SASL Authentication memory corruption [CVE-2018-16839]low🔒--🔒
126368Advantech WebAccess Bwmainleft.asp cross site scriptinglow🔒---
126367Advantech WebAccess WADashboard API path traversal [CVE-2018-15706]medium🔒---
126366Advantech WebAccess WADashboard API path traversal [CVE-2018-15705]medium🔒---
126365F5 BIG-IP TMUI command injection [CVE-2018-15327]medium🔒--🔒
126364F5 BIG-IP APM CRLDP Auth Access Policy Agent certificate validationmedium🔒--🔒
126363F5 BIG-IP iControl/TMSH resource consumption [CVE-2018-15325]low🔒--🔒
126362F5 BIG-IP APM APM Portal Access input validation [CVE-2018-15324]low🔒--🔒
126361F5 BIG-IP TMM input validation [CVE-2018-15323]medium🔒--🔒
126360F5 BIG-IP tmsh var access controllow🔒--🔒
126359F5 BIG-IP Appliance Mode access control [CVE-2018-15321]medium🔒--🔒
126358F5 BIG-IP access control [CVE-2018-15320]low🔒--🔒
126357F5 BIG-IP TMM input validation [CVE-2018-15319]low🔒--🔒
126356F5 BIG-IP MPTCP Connection input validation [CVE-2018-15318]low🔒--🔒
126355F5 BIG-IP SSL Virtual Server cryptographic issues [CVE-2018-15317]low🔒--🔒
126354Red Hat GlusterFS snprintf format stringmedium🔒--🔒
126353Red Hat GlusterFS setxattr(2) resource consumptionlow🔒--🔒
126352Red Hat GlusterFS input validation [CVE-2018-14654]medium🔒--🔒
126351Red Hat GlusterFS __server_getspec memory corruptionmedium🔒--🔒
126350Red Hat GlusterFS pl_getxattr memory corruptionmedium🔒--🔒
126349Red Hat GlusterFS Incomplete Fix link following [CVE-2018-14651]medium🔒--🔒
126348Synology Photo Station SYNO.PhotoStation.Auth session fixiationmedium🔒---
126347Synology DiskStation Manager SYNO.Core.ACL information disclosurelow🔒---
126346Apache Tomcat Path path traversal [CVE-2018-11759]medium🔒--🔒
126345Red Hat JBoss BPM Suite Dashbuilder Controller Reflected cross site scriptinglow🔒---
126344libexif MNOTE Entry Parser integer overflow [CVE-2016-6328]medium🔒--🔒
126343cfme Control File Import code injection [CVE-2016-5402]medium🔒---
126342Redis Permission access control [CVE-2016-2121]low🔒---
126341Apple macOS WiFi input validation [CVE-2018-4368]low🔒--🔒
126340Apple macOS Symptom Framework out-of-bounds read [CVE-2018-4203]medium🔒--🔒
126339Apple macOS Spotlight memory corruption [CVE-2018-4393]medium🔒--🔒
126338Apple macOS Security input validation [CVE-2018-4395]low🔒--🔒
126337Apple macOS Security input validation [CVE-2018-4400]low🔒--🔒
126336Apple macOS Ruby path traversal [CVE-2018-8780]medium🔒--🔒
126335Apple macOS Ruby input validation [CVE-2018-8779]medium🔒--🔒
126334Apple macOS Ruby format string [CVE-2018-8778]medium🔒--🔒
126333Apple macOS Ruby resource consumption [CVE-2018-8777]medium🔒--🔒
126332Apple macOS Ruby path traversal [CVE-2018-6914]medium🔒--🔒
126331Apple macOS Ruby response splitting [CVE-2017-17742]medium🔒--🔒
126330Apple macOS Ruby os command injection [CVE-2017-17405]medium🔒--🔒
126329Apple macOS Ruby memory corruption [CVE-2017-14064]medium🔒--🔒
126328Apple macOS Ruby memory corruption [CVE-2017-14033]medium🔒--🔒
126327Apple macOS Ruby improper authentication [CVE-2017-10784]medium🔒--🔒
126326Apple macOS Ruby format string [CVE-2017-0898]medium🔒--🔒
126325Apple macOS Perl memory corruption [CVE-2018-6797]medium🔒--🔒
126324Apple macOS NetworkExtension input validation [CVE-2018-4369]low🔒--🔒
126323Apple macOS Microcode information disclosure [CVE-2018-3640]low🔒--🔒
126322Apple macOS MediaRemote privileges management [CVE-2018-4310]medium🔒--🔒
126321Apple macOS mDNSOffloadUserClient memory corruption [CVE-2018-4326]medium🔒--🔒
126320Apple macOS Mail input validation [CVE-2018-4389]medium🔒--🔒
126319Apple macOS Login Window input validation [CVE-2018-4348]low🔒--🔒
126318Apple macOS Kernel memory corruption [CVE-2018-4424]medium🔒--🔒
126317Apple macOS Kernel memory corruption [CVE-2018-4407]medium🔒--🔒
126316Apple macOS Kernel memory corruption [CVE-2018-4413]medium🔒--🔒
126315Apple macOS Kernel memory corruption [CVE-2018-4291]high🔒--🔒
126314Apple macOS Kernel memory corruption [CVE-2018-4288]high🔒--🔒
126313Apple macOS Kernel memory corruption [CVE-2018-4287]high🔒--🔒
126312Apple macOS Kernel memory corruption [CVE-2018-4286]high🔒--🔒
126311Apple macOS Kernel memory corruption [CVE-2018-4259]high🔒--🔒
126310Apple macOS Kernel memory corruption [CVE-2018-4425]medium🔒--🔒
126309Apple macOS Kernel memory corruption [CVE-2018-4419]medium🔒--🔒
126308Apple macOS Kernel memory corruption [CVE-2018-4340]medium🔒--🔒
126307Apple macOS Kernel input validation [CVE-2018-4399]low🔒--🔒
126306Apple macOS Kernel memory corruption [CVE-2018-4420]medium🔒--🔒
126305Apple macOS IPSec out-of-bounds read [CVE-2018-4371]medium🔒--🔒
126304Apple macOS IOUserEthernet memory corruption [CVE-2018-4401]medium🔒--🔒
126303Apple macOS IOKit memory corruption [CVE-2018-4354]medium🔒--🔒
126302Apple macOS IOKit memory corruption [CVE-2018-4341]medium🔒--🔒
126301Apple macOS IOKit memory corruption [CVE-2018-4402]medium🔒--🔒
126300Apple macOS IOHIDFamily memory corruption [CVE-2018-4408]medium🔒--🔒
126299Apple macOS IOGraphics memory corruption [CVE-2018-4422]medium🔒--🔒
126298Apple macOS Intel Graphics Driver memory corruption [CVE-2018-4350]medium🔒--🔒
126297Apple macOS Intel Graphics Driver input validation [CVE-2018-4418]low🔒--🔒
126296Apple macOS Intel Graphics Driver input validation [CVE-2018-4396]low🔒--🔒
126295Apple macOS Intel Graphics Driver memory corruption [CVE-2018-4334]medium🔒--🔒
126294Apple macOS ICU memory corruption [CVE-2018-4394]medium🔒--🔒
126293Apple macOS Hypervisor memory corruption [CVE-2018-4242]medium🔒--🔒
126292Apple macOS Hypervisor information disclosure [CVE-2018-3646]low🔒--🔒
126291Apple macOS Heimdal memory corruption [CVE-2018-4331]medium🔒--🔒
126290Apple macOS Grand Central Dispatch memory corruption [CVE-2018-4426]medium🔒--🔒
126289Apple macOS Foundation input validation [CVE-2018-4304]low🔒--🔒
126288Apple macOS EFI input validation [CVE-2018-4342]medium🔒--🔒
126287Apple macOS EFI information disclosure [CVE-2018-3639]low🔒--🔒
126286Apple macOS dyld input validation [CVE-2018-4423]medium🔒--🔒
126285Apple macOS Dock information disclosure [CVE-2018-4403]medium🔒--🔒
126284Apple macOS Dictionary input validation [CVE-2018-4346]low🔒--🔒
126283Apple macOS CUPS input validation [CVE-2018-4406]low🔒--🔒
126282Apple macOS CUPS injection [CVE-2018-4153]medium🔒--🔒
126281Apple macOS CoreFoundation memory corruption [CVE-2018-4412]medium🔒--🔒
126280Apple macOS CoreCrypto Prime Number input validationmedium🔒--🔒
126279Apple macOS CoreAnimation memory corruption [CVE-2018-4415]medium🔒--🔒
126278Apple macOS CFNetwork memory corruption [CVE-2018-4126]medium🔒--🔒
126277Apple macOS ATS out-of-bounds read [CVE-2018-4308]medium🔒--🔒
126276Apple macOS ATS memory corruption [CVE-2018-4411]medium🔒--🔒
126275Apple macOS APR out-of-bounds read [CVE-2017-12618]medium🔒--🔒
126274Apple macOS APR out-of-bounds read [CVE-2017-12613]medium🔒--🔒
126273Apple macOS AppleGraphicsControl input validation [CVE-2018-4417]low🔒--🔒
126272Apple macOS AppleGraphicsControl memory corruption [CVE-2018-4410]medium🔒--🔒
126271Apple macOS afpserver input validation [CVE-2018-4295]medium🔒--🔒
126270Apple Safari WebKit memory corruption [CVE-2018-4378]medium🔒--🔒
126269Apple Safari WebKit resource consumption [CVE-2018-4409]low🔒--🔒
126268Apple Safari WebKit memory corruption [CVE-2018-4416]medium🔒--🔒
126267Apple Safari WebKit memory corruption [CVE-2018-4392]medium🔒--🔒
126266Apple Safari WebKit memory corruption [CVE-2018-4386]medium🔒--🔒
126265Apple Safari WebKit memory corruption [CVE-2018-4382]medium🔒--🔒
126264Apple Safari WebKit memory corruption [CVE-2018-4376]medium🔒--🔒
126263Apple Safari WebKit memory corruption [CVE-2018-4375]medium🔒--🔒
126262Apple Safari WebKit memory corruption [CVE-2018-4373]medium🔒--🔒
126261Apple Safari WebKit memory corruption [CVE-2018-4372]medium🔒--🔒
126260Apple Safari Safari Reader Universal cross site scriptingmedium🔒--🔒
126259Apple Safari Safari Reader Universal cross site scriptingmedium🔒--🔒
126258Apple iCloud WebKit memory corruption [CVE-2018-4378]medium🔒--🔒
126257Apple iCloud WebKit resource consumption [CVE-2018-4409]low🔒--🔒
126256Apple iCloud WebKit memory corruption [CVE-2018-4416]medium🔒--🔒
126255Apple iCloud WebKit memory corruption [CVE-2018-4392]medium🔒--🔒
126254Apple iCloud WebKit memory corruption [CVE-2018-4386]medium🔒--🔒
126253Apple iCloud WebKit memory corruption [CVE-2018-4382]medium🔒--🔒
126252Apple iCloud WebKit memory corruption [CVE-2018-4376]medium🔒--🔒
126251Apple iCloud WebKit memory corruption [CVE-2018-4375]medium🔒--🔒
126250Apple iCloud WebKit memory corruption [CVE-2018-4373]medium🔒--🔒
126249Apple iCloud WebKit memory corruption [CVE-2018-4372]medium🔒--🔒
126248Apple iCloud Safari Reader Universal cross site scriptingmedium🔒--🔒
126247Apple iCloud Safari Reader Universal cross site scriptingmedium🔒--🔒
126246Apple iCloud CoreCrypto Prime Number input validationmedium🔒--🔒
126245Apple iTunes WebKit memory corruption [CVE-2018-4378]medium🔒--🔒
126244Apple iTunes WebKit resource consumption [CVE-2018-4409]low🔒--🔒
126243Apple iTunes WebKit memory corruption [CVE-2018-4416]medium🔒--🔒
126242Apple iTunes WebKit memory corruption [CVE-2018-4392]medium🔒--🔒
126241Apple iTunes WebKit memory corruption [CVE-2018-4386]medium🔒--🔒
126240Apple iTunes WebKit memory corruption [CVE-2018-4382]medium🔒--🔒
126239Apple iTunes WebKit memory corruption [CVE-2018-4376]medium🔒--🔒
126238Apple iTunes WebKit memory corruption [CVE-2018-4375]medium🔒--🔒
126237Apple iTunes WebKit memory corruption [CVE-2018-4373]medium🔒--🔒
126236Apple iTunes WebKit memory corruption [CVE-2018-4372]medium🔒--🔒
126235Apple iTunes Safari Reader Universal cross site scriptingmedium🔒--🔒
126234Apple iTunes Safari Reader Universal cross site scriptingmedium🔒--🔒
126233Apple iTunes ICU memory corruption [CVE-2018-4394]medium🔒--🔒
126232Apple iTunes CoreCrypto Prime Number input validationmedium🔒--🔒
126231Apple watchOS WiFi input validation [CVE-2018-4368]low🔒--🔒
126230Apple watchOS WebKit memory corruption [CVE-2018-4378]medium🔒--🔒
126229Apple watchOS WebKit memory corruption [CVE-2018-4416]medium🔒--🔒
126228Apple watchOS WebKit memory corruption [CVE-2018-4392]medium🔒--🔒
126227Apple watchOS WebKit memory corruption [CVE-2018-4386]medium🔒--🔒
126226Apple watchOS WebKit memory corruption [CVE-2018-4382]medium🔒--🔒
126225Apple watchOS WebKit memory corruption [CVE-2018-4376]medium🔒--🔒
126224Apple watchOS WebKit memory corruption [CVE-2018-4375]medium🔒--🔒
126223Apple watchOS WebKit memory corruption [CVE-2018-4373]medium🔒--🔒
126222Apple watchOS WebKit memory corruption [CVE-2018-4372]medium🔒--🔒
126221Apple watchOS Security input validation [CVE-2018-4400]low🔒--🔒
126220Apple watchOS Safari Reader Universal cross site scriptingmedium🔒--🔒
126219Apple watchOS Safari Reader Universal cross site scriptingmedium🔒--🔒
126218Apple watchOS NetworkExtension input validation [CVE-2018-4369]low🔒--🔒
126217Apple watchOS Kernel memory corruption [CVE-2018-4419]medium🔒--🔒
126216Apple watchOS Kernel memory corruption [CVE-2018-4413]medium🔒--🔒
126215Apple watchOS Kernel memory corruption [CVE-2018-4420]medium🔒--🔒
126214Apple watchOS IPSec out-of-bounds read [CVE-2018-4371]medium🔒--🔒
126213Apple watchOS ICU memory corruption [CVE-2018-4394]medium🔒--🔒
126212Apple watchOS CoreCrypto Prime Number input validationmedium🔒--🔒
126211Apple watchOS AppleAVD memory corruption [CVE-2018-4384]medium🔒---
126210Apple tvOS WiFi input validation [CVE-2018-4368]low🔒--🔒
126209Apple tvOS WebKit memory corruption [CVE-2018-4378]medium🔒--🔒
126208Apple tvOS WebKit resource consumption [CVE-2018-4409]low🔒--🔒
126207Apple tvOS WebKit memory corruption [CVE-2018-4416]medium🔒--🔒
126206Apple tvOS WebKit memory corruption [CVE-2018-4392]medium🔒--🔒
126205Apple tvOS WebKit memory corruption [CVE-2018-4386]medium🔒--🔒
126204Apple tvOS WebKit memory corruption [CVE-2018-4382]medium🔒--🔒
126203Apple tvOS WebKit memory corruption [CVE-2018-4372]medium🔒--🔒
126202Apple tvOS NetworkExtension input validation [CVE-2018-4369]low🔒--🔒
126201Apple tvOS Kernel memory corruption [CVE-2018-4419]medium🔒--🔒
126200Apple tvOS Kernel memory corruption [CVE-2018-4413]medium🔒--🔒
126199Apple tvOS Kernel memory corruption [CVE-2018-4420]medium🔒--🔒
126198Apple tvOS IPSec out-of-bounds read [CVE-2018-4371]medium🔒--🔒
126197Apple tvOS ICU memory corruption [CVE-2018-4394]medium🔒--🔒
126196Apple tvOS CoreCrypto Prime Number input validationmedium🔒--🔒
126195Apple iOS WiFi input validation [CVE-2018-4368]low🔒--🔒
126194Apple iOS WebKit memory corruption [CVE-2018-4378]medium🔒--🔒
126193Apple iOS WebKit resource consumption [CVE-2018-4409]low🔒--🔒
126192Apple iOS WebKit memory corruption [CVE-2018-4416]medium🔒--🔒
126191Apple iOS WebKit memory corruption [CVE-2018-4392]medium🔒--🔒
126190Apple iOS WebKit memory corruption [CVE-2018-4386]medium🔒--🔒
126189Apple iOS WebKit memory corruption [CVE-2018-4382]medium🔒--🔒
126188Apple iOS WebKit memory corruption [CVE-2018-4376]medium🔒--🔒
126187Apple iOS WebKit memory corruption [CVE-2018-4375]medium🔒--🔒
126186Apple iOS WebKit memory corruption [CVE-2018-4373]medium🔒--🔒
126185Apple iOS WebKit memory corruption [CVE-2018-4372]medium🔒--🔒
126184Apple iOS WebKit Address input validationmedium🔒---
126183Apple iOS VoiceOver information disclosure [CVE-2018-4387]low🔒---
126182Apple iOS Security input validation [CVE-2018-4400]low🔒--🔒
126181Apple iOS Safari Reader Universal cross site scriptinglow🔒--🔒
126180Apple iOS Safari Reader Universal cross site scriptinglow🔒--🔒
126179Apple iOS Notes Lock Screen information disclosuremedium🔒---
126178Apple iOS NetworkExtension input validation [CVE-2018-4369]low🔒--🔒
126177Apple iOS Messages authentication spoofing [CVE-2018-4391]medium🔒---
126176Apple iOS Messages authentication spoofing [CVE-2018-4390]medium🔒---
126175Apple iOS Kernel memory corruption [CVE-2018-4419]medium🔒--🔒
126174Apple iOS Kernel memory corruption [CVE-2018-4413]low🔒--🔒
126173Apple iOS Kernel memory corruption [CVE-2018-4420]medium🔒--🔒
126172Apple iOS IPSec out-of-bounds read [CVE-2018-4371]medium🔒--🔒
126171Apple iOS IOHIDFamily memory corruption [CVE-2018-4427]medium🔒--🔒
126170Apple iOS ICU memory corruption [CVE-2018-4394]medium🔒--🔒
126169Apple iOS Graphics Driver memory corruption [CVE-2018-4384]medium🔒---
126168Apple iOS FaceTime memory corruption [CVE-2018-4367]medium🔒---
126167Apple iOS FaceTime memory corruption [CVE-2018-4366]medium🔒---
126166Apple iOS CoreCrypto Prime Number input validationmedium🔒--🔒
126165Apple iOS Contacts out-of-bounds read [CVE-2018-4365]low🔒---
126164Apple iOS AppleAVD memory corruption [CVE-2018-4384]medium🔒---
126163VGo Robot Firmware Credentials credentials managementlow🔒---
126162Octopus Deploy YAML Config input validation [CVE-2018-18850]medium🔒---
126161Z-BlogPHP theme.js.php cross-site request forgerylow🔒---
126160SEMCMS PHP cross site scripting [CVE-2018-18841]low🔒---
126159SEMCMS PHP cross site scripting [CVE-2018-18840]low🔒---
126158DocCms Template File changeskin.php upload_template code injectionmedium🔒---
126157libIEC61850 ber_encoder.c BerEncoder_encodeOctetString memory corruptionmedium🔒---
126156DKCMS Cookie check.asp sql injectionmedium🔒---
126155MCMS GeneraterAction.java path traversalmedium🔒---
126154MCMS File Upload FileAction.java unrestricted uploadmedium🔒---
126153libav AAC File vc1.c ff_vc1_parse_frame_header_adv null pointer dereferencelow🔒---
126152libav AAC File vc1_block.c vc1_decode_i_block_adv memory corruptionmedium🔒---
126151libav AAC File vc1_block.c ff_vc1_pred_dc out-of-bounds readmedium🔒---
126150libav AAC File vc1_block.c memory corruptionmedium🔒---
126149Pagoda Linux Panel Verification Code cross site scripting [CVE-2018-18825]low🔒---
126148Grapixel New Media pages.aspx sql injectionmedium🔒---
126147Linux Kernel mremap input validationmedium🔒--🔒
126146VGo Robot XAMPP improper authorization [CVE-2018-17933]medium🔒---
126145VGo Robot access control [CVE-2018-17931]medium🔒---
126144MantisBT Edit Filter Page manage_filter_edit_page.php cross site scriptinglow🔒---
126143MantisBT Filters Page manage_filter_page.php cross site scriptinglow🔒---
126142Merge Package merge.recursive input validationlow🔒---
126141Loofah Gem SVG Javascript cross site scriptingmedium🔒--🔒
126140Nextcloud Server Check improper authentication [CVE-2018-16467]medium🔒---
126139Nextcloud Server Access Restriction access control [CVE-2018-16466]medium🔒---
126138Nextcloud Server Second Factor improper authentication [CVE-2018-16465]medium🔒---
126137Nextcloud Server Access Check improper authentication [CVE-2018-16464]medium🔒---
126136Nextcloud Server Session session fixiation [CVE-2018-16463]medium🔒---
126135apex-publish-static-files command injection [CVE-2018-16462]medium🔒---
126134libnmapp Range Option command injection [CVE-2018-16461]medium🔒---
126133Tenda AC7/AC9/AC10 setUsbUnload dosystemCmd command injectionmedium🔒---
126132ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access controlmedium🔒---
126131ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys input validationmedium🔒---
126130ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access controlmedium🔒---
126129ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access controlmedium🔒---
126128EE 4GEE HH70 SSH core_app hard-coded credentialsmedium🔒---
126127OpenSSL DSA Signature key management [CVE-2018-0734]medium🔒--🔒
126126BitDefender GravityZone VMware Appliance access control [CVE-2017-8931]high🔒---
126125Interactive Advertising Bureau OpenRTB access control [CVE-2015-7266]low🔒---
126124python-kdcproxy POST Request input validation [CVE-2015-5159]low🔒---
126123Leostream Agent API Registry access controlmedium🔒---
126122PlaySMS Daemon access control [CVE-2018-18387]medium🔒---
126121Advantech WebAccess memory corruption [CVE-2018-17910]medium🔒---
126120Advantech WebAccess Access Control access control [CVE-2018-17908]medium🔒---
126119Foxit PhantomPDF fxhtml2pdf memory corruption [CVE-2018-17706]medium🔒---
126118IBM WebSphere Application Server Cachemonitor cross site scriptinglow🔒---
126117IBM Team Concert Web UI cross site scripting [CVE-2018-1766]low🔒---
126116Foxit Reader use after free [CVE-2018-17624]medium🔒---
126115Foxit Reader use after free [CVE-2018-17623]medium🔒---
126114Foxit Reader information disclosure [CVE-2018-17622]low🔒---
126113Foxit Reader use after free [CVE-2018-17621]medium🔒---
126112Foxit Reader use after free [CVE-2018-17620]medium🔒---
126111Foxit Reader use after free [CVE-2018-17619]medium🔒---
126110Foxit Reader use after free [CVE-2018-17618]medium🔒---
126109Foxit Reader use after free [CVE-2018-17617]medium🔒---
126108Foxit Reader use after free [CVE-2018-17616]medium🔒---
126107Foxit Reader use after free [CVE-2018-17615]medium🔒---
126106IBM InfoSphere Master Data Management Collaboration Server information disclosuremedium🔒---
126105Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11884]medium🔒---
126104Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11882]medium🔒---
126103Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11880]medium🔒---
126102Qualcomm Snapdragon Mobile integer overflow [CVE-2018-11879]medium🔒---
126101Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11877]medium🔒---
126100Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11876]medium🔒---
126099Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11875]medium🔒---
126098Qualcomm Snapdragon Mobile NDP Connection memory corruption [CVE-2018-11874]medium🔒---
126097Qualcomm Snapdragon Mobile WLAN input validation [CVE-2018-11873]medium🔒---
126096Qualcomm Snapdragon Mobile WLAN input validation [CVE-2018-11872]medium🔒---
126095Qualcomm Snapdragon Automobile WLAN memory corruption [CVE-2018-11871]medium🔒---
126094Qualcomm Snapdragon Automobile Legacy Rate Count memory corruptionmedium🔒---
126093Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11867]medium🔒---
126092Qualcomm Snapdragon Mobile WLAN integer overflow [CVE-2018-11866]medium🔒---
126091Qualcomm Snapdragon Mobile Structure Size Calculation integer overflowmedium🔒---
126090Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11862]medium🔒---
126089Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11861]medium🔒---
126088Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11859]medium🔒---
126087Qualcomm Snapdragon Mobile IE Set Command memory corruption [CVE-2018-11858]medium🔒---
126086Qualcomm Snapdragon Mobile WLAN Encryption Module memory corruptionmedium🔒---
126085Qualcomm Snapdragon Mobile WMI Command memory corruption [CVE-2018-11856]medium🔒---
126084Google Android Linux Kernel out-of-bounds read [CVE-2017-18281]medium🔒---
126083zzcms Cookie zs_list.php sql injectionmedium🔒---
126082zzcms Cookie search.php sql injectionmedium🔒---
126081zzcms Cookie special_add.php sql injectionmedium🔒---
126080zzcms top.php sql injectionmedium🔒---
126079zzcms classmanage.php sql injectionmedium🔒---
126078zzcms Cookie zs.php sql injectionmedium🔒---
126077zzcms Cookie zs.php sql injectionmedium🔒---
126076zzcms Cookie subzs.php sql injectionmedium🔒---
126075zzcms tagmanage.php sql injectionmedium🔒---
126074SEMCMS cross site scripting [CVE-2018-18783]low🔒---
126073DeDeCMS myfriend.php Reflected cross site scriptinglow🔒---
126072DeDeCMS uploads_select.php cross site scriptinglow🔒---
126071Acme mini_httpd information disclosure [CVE-2018-18778]medium🔒---
126070LuLu CMS DefaultController.php unrestricted uploadmedium🔒---
126069Cesanta Mongoose MQTT Parser mg_mqtt_next_subscribe_topic out-of-bounds readmedium🔒---
126068Cesanta Mongoose MQTT Parser parse_mqtt out-of-bounds readmedium🔒---
126067ZyXEL VMG3312-B10B default.cfg credentials managementmedium🔒---
126066Typecho server-side request forgery [CVE-2018-18753]medium🔒---
126065Webiness Inventory WsSaveToModel.php unrestricted upload [CVE-2018-18752]medium🔒---
126064GNU gettext read-catalog.c default_add_message double freemedium🔒--🔒
126063data-tools write_wchars integer overflowmedium🔒---
126062Sandboxie Sandbox os.system("cmd") input validationmedium🔒---
126061SEMCMS Edit cross site scripting [CVE-2018-18745]low🔒---
126060SEMCMS Textbox SEMCMS_Main.php cross site scriptinglow🔒---
126059SEMCMS cross site scripting [CVE-2018-18743]low🔒---
126058SEMCMS cross-site request forgery [CVE-2018-18742]low🔒---
126057SEMCMS Edit cross site scripting [CVE-2018-18741]low🔒---
126056SEMCMS cross site scripting [CVE-2018-18740]low🔒---
126055SEMCMS cross site scripting [CVE-2018-18739]low🔒---
126054SEMCMS cross site scripting [CVE-2018-18738]low🔒---
126053Douchat notify.php simplexml_load_string xml external entity referencemedium🔒---
126052Catfish Blog Source Code cross site scripting [CVE-2018-18736]low🔒---
126051Catfish Blog tiquan cross-site request forgerylow🔒---
126050Catfish CMS addmanageuser.html cross-site request forgerylow🔒---
126049Catfish CMS Source Code cross site scripting [CVE-2018-18733]low🔒---
126048Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18732]medium🔒---
126047Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18731]medium🔒---
126046Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18730]medium🔒---
126045Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18729]medium🔒---
126044Tenda AC9/AC18 POST Request __fastcall command injectionmedium🔒---
126043Tenda AC7/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18727]medium🔒---
126042YUNUCMS cross site scripting [CVE-2018-18726]low🔒---
126041YUNUCMS cross site scripting [CVE-2018-18725]low🔒---
126040YUNUCMS cross site scripting [CVE-2018-18724]low🔒---
126039YUNUCMS 110000 cross site scriptinglow🔒---
126038YUNUCMS cross site scripting [CVE-2018-18722]low🔒---
126037YUNUCMS cross site scripting [CVE-2018-18721]low🔒---
126036YUNUCMS basic cross site scriptinglow🔒---
126035gThumb dlg-contact-sheet.c add_themes_from_dir double freemedium🔒--🔒
126034Eleanor CMS ajax.php cross site scriptinglow🔒---
126033PHPYun database.class.php down_sql_action path traversalmedium🔒---
126032WUZHI CMS cross-site request forgery [CVE-2018-18712]low🔒---
126031WUZHI CMS cross-site request forgery [CVE-2018-18711]low🔒---
126030Linux Kernel cdrom.c cdrom_ioctl_select_disc Kernel Memory information disclosuremedium🔒--🔒
126029Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18709]low🔒---
126028Tenda AC7/AC9/AC10/AC15/AC18 Web Server fromAddressNat memory corruptionlow🔒---
126027Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18707]low🔒---
126026Tenda AC7/AC9/AC10/AC15/AC18 Web Server fromDhcpListClient memory corruptionlow🔒---
126025PhpTpoint Hospital Management System index.php sql injectionmedium🔒---
126024PhpTpoint Pharmacy Management System index.php sql injectionmedium🔒---
126023PhpTpoint Mailing Server Using File Handling Login Page home.php path traversalmedium🔒---
126022iCMS spider.admincp.php sql injectionmedium🔒---
126021GNU binutils GNU libiberty cp-demangle.c next_is_type_qual resource consumptionlow🔒---
126020GNU binutils GNU libiberty cp-demangle.c d_local_name resource consumptionlow🔒---
126019GoPro gpmf-parser GPMF_mp4reader.c OpenMP4Source out-of-bounds writemedium🔒---
126018Monstra CMS Stored cross site scripting [CVE-2018-18694]low🔒---
126017OpenSSL ECDSA key management [CVE-2018-0735]medium🔒--🔒
126016ProjectSend actions.log.export.php improper authorizationmedium🔒---
126015ProjectSend process-zip-download.php path traversalmedium🔒---
126014ProjectSend users.php improper authenticationmedium🔒---
126013ProjectSend manage-files.php sql injectionmedium🔒---
126012Linux Kernel XFS File System xfs_attr.c data processinglow🔒--🔒
126011HPE Windows Firmware Installer information disclosure [CVE-2018-7112]low🔒---
126010Ubuntu Linux Kernel information disclosure [CVE-2018-6559]low🔒--🔒
126009Qualcomm Snapdragon Mobile/Snapdragon Wear TZ array index [CVE-2018-5914]medium🔒---
126008Qualcomm Snapdragon Mobile/Snapdragon Wear Log memory corruptionmedium🔒---
126007MKVToolNix MKVINFO MKV use after free [CVE-2018-4022]medium🔒--🔒
126006Qualcomm Snapdragon Automobile Access Control access controlmedium🔒---
126005Artifex MuPDF font.c fz_run_t3_glyph out-of-bounds readmedium🔒--🔒
126004LibTIFF tif_lzw.c LZWDecode null pointer dereferencelow🔒--🔒
126003Arcserve Unified Data Protection domain.jsp Reflected cross site scriptinglow🔒---
126002Arcserve Unified Data Protection UdpHttpService xml external entity referencemedium🔒---
126001Arcserve Updates Data Protection FullUpdateSettings.xml information disclosurelow🔒---
126000Arcserve Unified Data Protection EdgeServiceImpl information disclosurelow🔒---
125999PureVPN Client login.conf Credentials credentials managementlow🔒---
125998systemd dhcp6 Client memory corruption [CVE-2018-15688]medium🔒--🔒
125997systemd chown_one race conditionmedium🔒--🔒
125996systemd unit_deserialize deserializationmedium🔒--🔒
125995Qualcomm Snapdragon Mobile Core module access control [CVE-2018-11951]medium🔒---
125994Qualcomm Snapdragon Mobile TrustZone input validation [CVE-2018-11950]medium🔒---
125993Qualcomm Snapdragon Mobile Length memory corruption [CVE-2018-11854]medium🔒---
125992Qualcomm Snapdragon Mobile/Snapdragon Wear Channel memory corruptionmedium🔒---
125991Qualcomm Snapdragon Automobile memory corruption [CVE-2018-11850]medium🔒---
125990Qualcomm Snapdragon Automobile bssid Parameter memory corruptionmedium🔒---
125989Qualcomm Snapdragon Mobile Memory Comparison information disclosurelow🔒---
125988Qualcomm Snapdragon Mobile FW resource consumption [CVE-2018-11828]low🔒---
125987Qualcomm Snapdragon Mobile/Snapdragon Wear memory corruptionmedium🔒---
125986Qualcomm Snapdragon Mobile integer overflow [CVE-2018-11822]medium🔒---
125985Qualcomm Snapdragon Mobile/Snapdragon Wear WLAN integer overflowmedium🔒---
125984Qualcomm Snapdragon Automobile FDAL Message use after free [CVE-2018-11305]medium🔒---
125983Qualcomm Snapdragon Automobile XPU Master access control [CVE-2017-18311]medium🔒---
125982Qualcomm Snapdragon Automobile ClientEnv access control [CVE-2017-18310]medium🔒---
125981Qualcomm Snapdragon Mobile QMP Transportation array index [CVE-2017-18309]medium🔒---
125980Qualcomm Snapdragon Mobile/Snapdragon Wear Modem Segment access controlmedium🔒---
125979Qualcomm Snapdragon Automobile Secure Boot memory corruptionmedium🔒---
125978Prayer List Module Username information disclosure [CVE-2018-18655]low🔒---
125977Crossroads Build tmp access controllow🔒---
125976Ubuntu Linux UEFI Secure Boot module.c access controlmedium🔒--🔒
125975Mozilla Firefox memory corruption [CVE-2018-12390]medium🔒--🔒
125974Mozilla Firefox memory corruption [CVE-2018-12389]medium🔒--🔒
125973Mozilla Firefox memory corruption [CVE-2018-12388]medium🔒--🔒
125972Mozilla Firefox HTTP Warning 7pk securitymedium🔒--🔒
125971Mozilla Firefox Cookie origin validation [CVE-2018-12402]medium🔒--🔒
125970Mozilla Firefox URL Parser input validation [CVE-2018-12401]low🔒--🔒
125969Mozilla Firefox Cache information disclosure [CVE-2018-12400]medium🔒--🔒
125968Mozilla Firefox Protocol Registration Notification Bar improper authenticationmedium🔒--🔒
125967Mozilla Firefox CSS Content Security Policy privileges managementmedium🔒--🔒
125966Mozilla Firefox WebExtension information disclosure [CVE-2018-12397]medium🔒--🔒
125965Mozilla Firefox WebExtension permission assignment [CVE-2018-12396]medium🔒--🔒
125964Mozilla Firefox WebExtension privileges management [CVE-2018-12395]medium🔒--🔒
125963Mozilla Firefox Unicode Converter out-of-bounds write [CVE-2018-12393]medium🔒--🔒
125962Mozilla Firefox Nested Event infinite loop [CVE-2018-12392]low🔒--🔒
125961Mozilla Firefox HTTP Live Streaming 7pk security [CVE-2018-12391]medium🔒--🔒
125960Sophos HitmanPro.Alert IOCTL Handler Function write-what-where conditionmedium🔒---
125959Sophos HitmanPro.Alert IOCTL Handler Function information disclosurelow🔒---
125958Veritas NetBackup Appliance input validation [CVE-2018-18652]medium🔒---
125957Foo Labs Xpdf PDF File AcroForm.cc catalog->getNumPages resource managementlow🔒---
125956Foo Labs Xpdf PDF File XRef.cc readXRefStream integer overflowmedium🔒---
125955Reliance 4 SCADA/HMI cross site scripting [CVE-2018-17904]medium🔒---
125954X.org X11 Server Permission Check access control [CVE-2018-14665]medium🔒--🔒
125953Eaton UPS 9PX 8000 SP Administration Panel cross-site request forgerylow🔒---
125952Eaton UPS 9PX 8000 SP SNMP Password credentials management [CVE-2018-9280]low🔒---
125951Eaton UPS 9PX 8000 SP Web Page credentials management [CVE-2018-9279]low🔒---
125950BitDefender GravityZone Installer signature verification [CVE-2018-8955]medium🔒---
125949Neato Botvac Connected Setup API initialize command injectionmedium🔒---
125948D-Link DSL-2640T webcm cross site scriptinglow🔒---
125947MailCleaner CE Administration Login Interface UserController.php cross site scriptinglow🔒---
125946Communigate Pro Pronto! Mail Composer Stored cross site scriptinglow🔒---
125945Polycom VVX 500/VVX 601 X.509 Certificate Validation certificate validationmedium🔒---
125944AudioCodes 440HD/450HD X.509 Certificate Validation certificate validationmedium🔒---
125943Polycom VVX 500/VVX 601 SIP Service information disclosure [CVE-2018-18566]low🔒---
125942ServersCheck Monitoring Software lnk File path traversal [CVE-2018-18552]low🔒---
125941ServersCheck Monitoring Software cross site scripting [CVE-2018-18551]low🔒---
125940ajenti ajenticp cross site scripting [CVE-2018-18548]low🔒---
125939Vesta Control Panel cross site scripting [CVE-2018-18547]low🔒---
125938Citrix Netscaler Gateway cross site scripting [CVE-2018-18517]low🔒--🔒
125937mysql-binuuid-rails Database Column sql injection [CVE-2018-18476]medium🔒---
125936Citrix Xen Mobile Configuration Service access control [CVE-2018-18014]medium🔒---
125935Citrix Xen Mobile Service Port 5001 deserialization [CVE-2018-18013]medium🔒---
125934Telecrane F25 Series Radio Controls 7pk security [CVE-2018-17935]medium🔒---
125933SAGA1-L8B improper authentication [CVE-2018-17923]medium🔒---
125932SAGA1-L8B Pairing access control [CVE-2018-17921]medium🔒---
125931SAGA1-L8B input validation [CVE-2018-17903]medium🔒---
125930SaltStack Salt salt-api(netapi) improper authenticationmedium🔒--🔒
125929SaltStack Salt Salt-api path traversal [CVE-2018-15750]low🔒--🔒
125928Cisco Webex Meetings Desktop App Update Service os command injectionlow🔒--🔒
125927IBM WebSphere Commerce Enterprise Web UI cross site scriptinglow🔒---
125926Fuji Energy Savings Estimator DLL Loader uncontrolled search pathlow🔒---
125925Anda App Server API hard-coded credentials [CVE-2018-13342]medium🔒---
125924Adrenalin HRMS ApplicationtEmployeeSearch Reflected cross site scriptinglow🔒---
125923Spark Zinc Server input validation [CVE-2018-11804]low🔒---
125922Apache Impala ALTER access control [CVE-2018-11792]medium🔒---
125921Apache Impala Queue improper authorization [CVE-2018-11785]medium🔒---
125920Amanda Backup/Restore access control [CVE-2016-10730]medium🔒---
125919Amanda Backup runtar command injectionmedium🔒--🔒
125918Yammer Desktop App input validation [CVE-2018-8569]medium🔒---
125917Huawei Smart Phone Factory Reset Protection 7pk security [CVE-2018-7911]medium🔒---
125916Splunk Enterprise input validation [CVE-2018-7432]low🔒--🔒
125915Splunk Enterprise Django App path traversal [CVE-2018-7431]medium🔒--🔒
125914Splunk Enterprise Splunkd input validation [CVE-2018-7429]low🔒--🔒
125913Splunk Enterprise Web cross site scripting [CVE-2018-7427]low🔒--🔒
125912Pippo Cookie SerializationSessionDataTranscoder.decode deserializationmedium🔒---
125911PHPYun del_action input validationmedium🔒---
125910Waimai Super CMS cross site scripting [CVE-2018-18622]low🔒---
125909DeDeCMS datalistcp.class.php GetPageList cross site scriptinglow🔒---
125908GNU binutils libbfd elflink.c elf_link_input_bfd null pointer dereferencelow🔒---
125907GNU binutils libbfd merge.c merge_strings null pointer dereferencelow🔒---
125906GNU binutils libbfd merge.c sec_merge_hash_lookup memory corruptionmedium🔒---
125905360 Total Security Import OS os.system("PowerShell") input validationmedium🔒---
125904Stegdetect f5.c f5_compress out-of-bounds writemedium🔒---
125903Micro Focus Real User Monitoring Software input validation [CVE-2018-18589]medium🔒---
125902BigProf AppGini Password Storage MD5 risky encryptionmedium🔒---
125901Zoho ManageEngine OpManager File Upload unrestricted upload [CVE-2018-18475]medium🔒---
125900Daniel Gultsch Conversations Message input validation [CVE-2018-18467]medium🔒---
125899Axios Italia Axioscloud Sissiweb Registro Elettronico relogoff.aspx cross site scriptinglow🔒---
125898Trend Micro Antivirus KERedirect null pointer dereferencemedium🔒---
125897Trend Micro Antivirus KERedirect null pointer dereferencemedium🔒---
125896Trend Micro Antivirus KERedirect null pointer dereferencemedium🔒---
125895RuletkaIo random weak prngmedium🔒---
125894Greedy 599 extcodesize weak prngmedium🔒---
125893WiFiRanger Access Control key management [CVE-2018-17873]medium🔒---
125892Citrix SD-WAN/Netscaler SD-WAN Access Control access controlmedium🔒---
125891Citrix SD-WAN/Netscaler SD-WAN Log File log file [CVE-2018-17447]low🔒---
125890Citrix SD-WAN/Netscaler SD-WAN sql injection [CVE-2018-17446]medium🔒---
125889Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2018-17445]medium🔒---
125888Citrix SD-WAN/Netscaler SD-WAN path traversal [CVE-2018-17444]medium🔒---
125887Ansible User Module information disclosure [CVE-2018-16837]low🔒--🔒
125886Telligent Community Feed RSS Widget cross site scripting [CVE-2018-16235]low🔒---
125885Mitel MiVoice Office 400 start.asp Reflected cross site scriptinglow🔒---
125884Mitel MiVoice 5330e SIP/SDP Packet memory corruption [CVE-2018-15497]medium🔒---
125883Trend Micro Antivirus KERedirect null pointer dereferencemedium🔒---
125882Trend Micro Antivirus KERedirect use after freemedium🔒---
125881Advantech WebAccess access control [CVE-2018-14828]medium🔒---
125880Advantech WebAccess DLL File input validation [CVE-2018-14820]medium🔒---
125879Advantech WebAccess memory corruption [CVE-2018-14816]medium🔒---
125878Advantech WebAccess path traversal [CVE-2018-14806]medium🔒---
125877Atlassian JIRA redirect [CVE-2018-13402]low🔒--🔒
125876Atlassian JIRA XsrfErrorAction redirect [CVE-2018-13401]low🔒--🔒
125875Atlassian JIRA Administrative Resource access control [CVE-2018-13400]medium🔒--🔒
125874Mitel ST signin.php Reflected cross site scriptinglow🔒---
125873Fastjson rmi:/ URL AjaxApplication.java parseObject input validationmedium🔒---
125872Qualcomm Snapdragon Mobile/Snapdragon Wear HLOS access controlmedium🔒---
125871Qualcomm Snapdragon Automobile/Snapdragon Mobile SafeSwitch improper authorizationmedium🔒---
125870Qualcomm Snapdragon Mobile/Snapdragon Wear XBL sec mem dump System Call access controlmedium🔒---
125869Qualcomm Snapdragon Automobile Boot out-of-bounds read [CVE-2017-18304]medium🔒---
125868Qualcomm Snapdragon Automobile Sensor Registry memory corruptionmedium🔒---
125867Qualcomm Snapdragon Mobile/Snapdragon Wear Secure Display information disclosuremedium🔒---
125866Qualcomm Snapdragon Automobile Table Consolidation access controllow🔒---
125865Qualcomm Snapdragon Automobile SDMX API null pointer dereferencelow🔒---
125864Qualcomm Snapdragon Mobile TEE SE API Session Management double freemedium🔒---
125863Qualcomm Snapdragon Automobile SafeSwitch Service access controlmedium🔒---
125862Qualcomm Snapdragon Automobile DSP Service memory corruptionmedium🔒---
125861Qualcomm Snapdragon Automobile ELF Header input validation [CVE-2017-18294]medium🔒---
125860Qualcomm Snapdragon Mobile/Snapdragon Wear GPIO access controlmedium🔒---
125859Qualcomm Snapdragon Automobile Secure App input validation [CVE-2017-18292]low🔒---
125858Qualcomm Snapdragon Mobile Read Val Blob Req input validationmedium🔒---
125857Qualcomm Snapdragon Mobile/Snapdragon Wear SDCC access controlmedium🔒---
125856Qualcomm Snapdragon Automobile resource consumption [CVE-2017-18277]low🔒---
125855Qualcomm Snapdragon Automobile/Snapdragon Mobile System UI integer overflowmedium🔒---
125854Qualcomm Snapdragon Mobile GATT Packet input validation [CVE-2017-18171]medium🔒---
125853Qualcomm Snapdragon Mobile Bluetooth Controller integer underflowmedium🔒---
125852libmspack chmextract Sample Program chmextract.c path traversal [Disputed]medium🔒--🔒
125851libmspack/cabextract chmd.c chmd_read_headers null pointer dereferencelow🔒--🔒
125850libmspack/cabextract CAB Block cab.h out-of-bounds writemedium🔒--🔒
125849LuPng lupng.c insertByte memory corruptionmedium🔒---
125848LuPng lupng.c insertByte memory corruptionmedium🔒---
125847LuPng lupng.c internalPrintf memory corruptionmedium🔒---
125846DeDeCMS pm.php Reflected cross site scriptinglow🔒---
125845DeDeCMS qrcode.php cross site scriptinglow🔒---
125844Linux Kernel Multithreading race condition [CVE-2018-18559]medium🔒--🔒
125843LibTIFF JBIG tif_jbig.c JBIGDecode out-of-bounds writemedium🔒--🔒
125842IBM Security Access Manager Appliance Advanced Access Control access controlmedium🔒---
125841Advantech WebAccess opcImg.asp memory corruptionmedium🔒---
125840Advantech WebAccess Reflected cross site scripting [CVE-2018-15703]low🔒---
125839KERUI Wifi Endoscope Camera YPC99 Camera Stream input validationmedium🔒---
125838KERUI Wifi Endoscope Camera YPC99 input validation [CVE-2018-13114]medium🔒---
125837Symantec Web Isolation Javascript Reflected cross site scriptinglow🔒---
125836Discuz! Background Database Backup input validation [CVE-2018-14729]medium🔒---
125835Leanote Blog Basic Setting Title cross site scripting [CVE-2018-18553]low🔒---
125834ServersCheck Monitoring Software sql injection [CVE-2018-18550]medium🔒---
125833ThinkPHP Driver.class.php parseOrder sql injectionmedium🔒---
125832Fiyo CMS edit_user.php cross site scriptinglow🔒---
125831ImageMagick msl.c WriteMSLImage resource managementlow🔒--🔒
125830Teeworlds Connection Packet input validation [CVE-2018-18541]medium🔒--🔒
125829TeaKKi Picture URL cross site scripting [CVE-2018-18540]low🔒---
125828LIVE555 RTSP Server HTTP Packet Parser memory corruption [CVE-2018-4013]medium🔒--🔒
125827kaptcha Captcha DefaultTextCreator.java Random random valuesmedium🔒---
125826ThinkPHP Query.php aggregate sql injectionmedium🔒---
125825ThinkPHP Mysql.class.php parseKey sql injectionmedium🔒---
125824OwnTicket sql injection [CVE-2018-18527]medium🔒---
125823elfutils ELF File arlib.c arlib_add_symbols divide by zerolow🔒--🔒
125822elfutils libelf size.c elf_end memory corruptionlow🔒--🔒
125821QEMU IOReadHandler integer overflow [CVE-2018-18438]medium🔒--🔒
125820TP-LINK TL-SC3130 RTSP Stream image.jpg information disclosuremedium🔒---
125819Zenario Content Management System cross-site request forgerylow🔒---
125818ARDAWAN.COM User Management JPG File Name Stored cross site scriptinglow🔒---
125817Ekushey Project Manager CRM create Stored cross site scriptinglow🔒---
125816LANGO Codeigniter Multilingual Script Upload update cross site scriptinglow🔒---
125815Xfce Thunar IBus-Unikey out-of-bounds read [CVE-2018-18398]low🔒---
125814Moxa ThingsPro command injection [CVE-2018-18396]medium🔒---
125813Moxa ThingsPro Token access control [CVE-2018-18395]high🔒---
125812Moxa ThingsPro IIoT Gateway/Device Management information disclosurelow🔒---
125811Moxa ThingsPro IIoT Gateway/Device Management Password Management credentials managementhigh🔒---
125810Moxa ThingsPro IIoT Gateway/Device Management Access Control access controlmedium🔒---
125809Moxa ThingsPro IIoT Gateway/Device Management access controlmedium🔒---
125808Moxa ThingsPro IIoT Gateway/Device Management User information disclosurelow🔒---
125807BigTree CMS admin.php session fixiationmedium🔒---
125806Artifex Ghostscript Sandbox Protection Mechanism 7pk securitymedium🔒--🔒
125805IObit Malware Fighter IMFCameraProtect.sys memory corruptionmedium🔒---
125804F5 BIG-IP APM Edge Client 7pk security [CVE-2018-15316]low🔒--🔒
125803F5 BIG-IP Configuration Utility Page Reflected cross site scriptinglow🔒--🔒
125802F5 BIG-IP AFM TMUI Reflected cross site scriptinglow🔒--🔒
125801F5 BIG-IP AFM TMUI Reflected cross site scriptinglow🔒--🔒
125800F5 BIG-IP Configuration Utility Reflected cross site scriptinglow🔒--🔒
125799SV3C L-SERIES HD CAMERA Web Interface redirect [CVE-2018-12675]medium🔒---
125798SV3C L-SERIES HD CAMERA Cookie credentials management [CVE-2018-12674]low🔒---
125797SV3C L-SERIES HD CAMERA Web Interface Technical information disclosurelow🔒---
125796SV3C L-SERIES HD CAMERA cross site scripting [CVE-2018-12672]low🔒---
125795SV3C L-SERIES HD CAMERA Password information disclosure [CVE-2018-12671]low🔒---
125794SV3C L-SERIES HD CAMERA os command injection [CVE-2018-12670]medium🔒---
125793SV3C L-SERIES HD CAMERA param.cgi improper authorizationlow🔒---
125792SV3C L-SERIES HD CAMERA hard-coded credentials [CVE-2018-12668]medium🔒---
125791SV3C L-SERIES HD CAMERA CGI Script improper authentication [CVE-2018-12667]medium🔒---
125790SV3C L-SERIES HD CAMERA improper authentication [CVE-2018-12666]medium🔒---
125789Splunk Enterprise splunk-launch.conf access controlmedium🔒---
125788Mozilla Firefox/Thunderbird memory corruption [CVE-2018-5188]medium🔒--🔒
125787Mozilla Firefox/Thunderbird memory corruption [CVE-2018-5187]medium🔒--🔒
125786Gxlcms dataaction.class.php sql injectionmedium🔒---
125785Gxlcms Database Backup dataaction.class.php mt_rand information disclosurelow🔒---
125784PHPSHE sql injection [CVE-2018-18486]medium🔒---
125783PHPSHE path traversal [CVE-2018-18485]medium🔒---
125782GNU binutils GNU libiberty cp-demangle.c resource consumptionlow🔒---
125781GNU binutils GNU libiberty cplus-dem.c get_count integer overflowmedium🔒---
125780libpg_query pg_query_parse.c pg_query_raw_parse resource managementlow🔒---
125779libopencad io.cpp ReadCHAR out-of-bounds readmedium🔒---
125778libopencad io.cpp ReadMCHAR out-of-bounds readmedium🔒---
125777LibreNMS ajax_form.php Persistent cross site scriptinglow🔒---
125776IBM FlashSystem 900 GUI improper authentication [CVE-2018-1822]medium🔒---
125775Dell EMC Secure Remote Services Log information disclosure [CVE-2018-15765]low🔒---
IDTitleVulDBCVSSSecuniaXForceNessus
125774Spring Security OAuth access control [CVE-2018-15758]medium🔒---
125773Spring Framework Range resource management [CVE-2018-15756]low🔒---
125772IBM InfoSphere Information Server Password Encryption inadequate encryptionlow🔒---
125771Opto 22 PAC Control Basic/PAC Control Professional memory corruptionmedium🔒---
125770Mozilla Firefox JIT Compiler input validation [CVE-2018-12387]medium🔒--🔒
125769Mozilla Firefox Javascript type conversion [CVE-2018-12386]medium🔒--🔒
125768Mozilla Firefox/Thunderbird TransportSecurityInfo input validationlow🔒--🔒
125767Mozilla Firefox Password Save information disclosure [CVE-2018-12383]low🔒--🔒
125766Mozilla Firefox Address Bar input validation [CVE-2018-12382]medium🔒--🔒
125765Mozilla Firefox Outlook Email Message Drag / Drop 7pk securitymedium🔒--🔒
125764Mozilla Thunderbird Mozilla Updater out-of-bounds write [CVE-2018-12379]medium🔒--🔒
125763Mozilla Firefox/Thunderbird IndexDB Index Delete use after freemedium🔒--🔒
125762Mozilla Thunderbird Refresh Driver Timer use after free [CVE-2018-12377]medium🔒--🔒
125761Mozilla Firefox memory corruption [CVE-2018-12376]medium🔒--🔒
125760Mozilla Firefox memory corruption [CVE-2018-12375]medium🔒--🔒
125759Mozilla Thunderbird Text Input Leak information disclosuremedium🔒--🔒
125758Mozilla Thunderbird SMIME Leak information disclosuremedium🔒--🔒
125757Mozilla Thunderbird SMIME Message Leak information disclosuremedium🔒--🔒
125756Dell EMC Secure Remote Services File Permission access controllow🔒---
125755Dell EMC Secure Remote Services Password Storage Credentials credentials managementlow🔒---
125754Mozilla Firefox DOM windows.create ReplaceOrInsertBefore use after freemedium🔒--🔒
125753koha opac-tags_subject.pl sql injectionmedium🔒---
125752koha search path traversalmedium🔒---
125751koha opac-search.pl cross site scriptinglow🔒---
125750koha memberentry.pl cross-site request forgerylow🔒---
125749Arigato Autoresponder/Newsletter attachment.php code injectionmedium🔒---
125748wp-live-chat-support Plugin gdpr.php cross site scriptinglow🔒---
125747Foo Labs Xpdf PDF File Stream.cc getBlock null pointer dereferencelow🔒---
125746Foo Labs Xpdf PDF File Stream.cc decodeImage null pointer dereferencelow🔒---
125745Foo Labs Xpdf PDF File Stream.cc readScan null pointer dereferencelow🔒---
125744Foo Labs Xpdf PDF File Object.h isName out-of-bounds readmedium🔒---
125743Foo Labs Xpdf PDF File GfxState.cc GfxImageColorMap out-of-bounds readmedium🔒---
125742Foo Labs Xpdf PDF File Stream.cc readRow memory corruptionmedium🔒---
125741PbootCMS SingleController.php sql injectionmedium🔒---
125740Linux Kernel BPF Verifier verifier.c adjust_scalar_min_max_vals out-of-bounds readmedium🔒--🔒
125739OpenEXR makeMultiView.cpp exrmultiview out-of-bounds writemedium🔒---
125738OpenEXR IlmThreadPool.cpp ThreadPool resource managementlow🔒---
125737Linux Kernel Pseudo Terminal n_tty.c type conversionlow🔒--🔒
125736Adobe Technical Communications Suite Library Loader uncontrolled search pathlow🔒---
125735Adobe Framemaker Library Loader untrusted search path [CVE-2018-15974]low🔒--🔒
125734Adobe Experience Manager Stored cross site scripting [CVE-2018-15973]low🔒---
125733Adobe Experience Manager Stored cross site scripting [CVE-2018-15972]low🔒---
125732Adobe Experience Manager Reflected cross site scripting [CVE-2018-15971]low🔒---
125731Adobe Experience Manager Reflected cross site scripting [CVE-2018-15970]low🔒---
125730Adobe Experience Manager Stored cross site scripting [CVE-2018-15969]low🔒---
125729Avaya Aura System Platform Web UI deserialization [CVE-2018-15616]medium🔒---
125728Cisco Prime Collaboration Assurance Web-based Management Interface cross-site request forgerylow🔒---
125727Cisco SocialMiner Web-based Management Interface Stored cross site scriptinglow🔒---
125726Cisco Enterprise NFV Infrastructure Software Management Interface cross-site request forgerylow🔒---
125725Cisco Wireless LAN Controller TrustSec Domain privileges managementmedium🔒---
125724CA Identity Governance Username information disclosure [CVE-2018-14597]low🔒---
125723Adobe Digital Editions memory corruption [CVE-2018-12823]medium🔒--🔒
125722Adobe Digital Editions use after free [CVE-2018-12822]medium🔒--🔒
125721Adobe Digital Editions out-of-bounds read [CVE-2018-12821]low🔒--🔒
125720Adobe Digital Editions out-of-bounds read [CVE-2018-12820]low🔒--🔒
125719Adobe Digital Editions out-of-bounds read [CVE-2018-12819]low🔒--🔒
125718Adobe Digital Editions out-of-bounds read [CVE-2018-12818]low🔒--🔒
125717Adobe Digital Editions out-of-bounds read [CVE-2018-12816]low🔒--🔒
125716Adobe Digital Editions memory corruption [CVE-2018-12814]medium🔒--🔒
125715Adobe Digital Editions memory corruption [CVE-2018-12813]medium🔒--🔒
125714Cisco NX-OS SNMP input validation [CVE-2018-0456]low🔒--🔒
125713Cisco Wireless LAN Controller CAPWAP resource management [CVE-2018-0443]low🔒--🔒
125712Cisco Wireless LAN Controller CAPWAP information disclosure [CVE-2018-0442]low🔒--🔒
125711Cisco IOS Access Point 802.11r Fast Transition resource consumptionlow🔒--🔒
125710Cisco Wireless LAN Controller Software Web-based Interface path traversallow🔒---
125709Cisco Wireless LAN Controller TACACS access control [CVE-2018-0417]medium🔒--🔒
125708Cisco Wireless LAN Controller Web-based Interface input validationlow🔒---
125707Cisco FXOS LLDP input validation [CVE-2018-0395]low🔒---
125706Cisco Wireless LAN Controller Web-based Interface cross site scriptinglow🔒---
125705Cisco Aironet Watchdog Timer resource consumption [CVE-2018-0381]low🔒---
125704Cisco NX-OS Precision Time Protocol input validation [CVE-2018-0378]low🔒---
125703Huawei Mate 10 Pro App Lock Password improper authenticationmedium🔒---
125702Huawei Anne-AL00 USB Interface information disclosure [CVE-2018-7924]low🔒---
125701HPE UIoT DSM Portal access control [CVE-2018-7111]medium🔒---
125700HPE Service Governance Framework race condition [CVE-2018-7110]low🔒---
125699HPE Intelligent Management Center improper authentication [CVE-2018-7076]medium🔒---
125698Linksys E1200/E2500 Network Configuration apply.cgi os command injectionmedium🔒---
125697Linksys E1200/E2500 Web Portal apply.cgi machine_name os command injectionmedium🔒---
125696Linksys E1200/E2500 Web Portal apply.cgi start_lltd os command injectionmedium🔒---
125695JTBC(PHP) cross-site request forgery [CVE-2018-18436]low🔒---
125694litemall WxStorageController.java path traversalmedium🔒---
125693DESTOON B2B category.inc.php cross site scriptinglow🔒---
125692DESTOON B2B admin.php cross-site request forgerylow🔒---
125691DESTOON B2B cross site scripting [CVE-2018-18431]low🔒---
125690DESTOON B2B setting.inc.php cross site scriptinglow🔒---
125689S-Cms post.php sql injectionmedium🔒---
125688S-Cms robots.php code injectionmedium🔒---
125687UsualToolCMS cross-site request forgery [CVE-2018-18422]low🔒---
125686tcpflow iptree.h setbit out-of-bounds readmedium🔒---
125685tcpreplay tcpbridge tcpbridge.c post_args use after freemedium🔒--🔒
125684tcpreplay tcpreplay-edit incremental_checksum.h csum_replace4 out-of-bounds readmedium🔒--🔒
125683Support Board - Chat And Help Desk Plugin File Upload admin-ajax.php Stored cross site scriptinglow🔒---
125682KAASoft Library CMS - Powerful Book Management System Stored cross site scriptinglow🔒---
125681Zoho ManageEngine OpManager cross site scripting [CVE-2018-18262]low🔒---
125680Aryanic HighPortal Add Tags cross site scripting [CVE-2018-17964]low🔒---
125679LAquis SCADA memory corruption [CVE-2018-17911]medium🔒---
125678LAquis SCADA Project File out-of-bounds write [CVE-2018-17901]medium🔒---
125677LAquis SCADA path traversal [CVE-2018-17899]medium🔒---
125676LAquis SCADA integer overflow [CVE-2018-17897]medium🔒---
125675LAquis SCADA out-of-bounds read [CVE-2018-17895]medium🔒---
125674LAquis SCADA null pointer dereference [CVE-2018-17893]medium🔒---
125673IPFire Firewall backup.cgi command injectionmedium🔒---
125672vBulletin redirect [CVE-2018-15493]medium🔒---
125670D-Link DWR-111 0 information disclosuremedium🔒---
125669D-Link DWR-116/DWR-512/DWR-712/DWR-912/DWR-921/DWR-111 chkisg.htm command injectionmedium🔒---
125668D-Link DWR-111 Web Interface path traversal [CVE-2018-10822]medium🔒---
125667Huawei Mate 9/Mate 9 Pro Hardware Security Module access controlmedium🔒---
125666Oracle VM VirtualBox OpenSSL key management [CVE-2018-0732]medium🔒---
125665Oracle VM VirtualBox access control [CVE-2018-3287]medium🔒---
125664Oracle VM VirtualBox access control [CVE-2018-3295]medium🔒---
125663Oracle VM VirtualBox access control [CVE-2018-3293]medium🔒---
125662Oracle VM VirtualBox access control [CVE-2018-3292]medium🔒---
125661Oracle VM VirtualBox access control [CVE-2018-3291]medium🔒---
125660Oracle VM VirtualBox access control [CVE-2018-3298]medium🔒---
125659Oracle VM VirtualBox access control [CVE-2018-2909]medium🔒---
125658Oracle VM VirtualBox access control [CVE-2018-3297]medium🔒---
125657Oracle VM VirtualBox access control [CVE-2018-3296]medium🔒---
125656Oracle VM VirtualBox access control [CVE-2018-3290]medium🔒---
125655Oracle VM VirtualBox access control [CVE-2018-3289]medium🔒---
125654Oracle VM VirtualBox access control [CVE-2018-3288]medium🔒---
125653Oracle VM VirtualBox VRDP access control [CVE-2018-3294]high🔒---
125652Oracle OSS Support Tools OpenSSL resource consumption [CVE-2018-0739]medium🔒---
125651Oracle Demantra Demand Management Product Security access controlmedium🔒---
125650Oracle Agile Product Lifecycle Management for Process User Group Management access controlmedium🔒---
125649Oracle Transportation Management Install access control [CVE-2018-1305]medium🔒--🔒
125648Oracle Agile PLM Folders/Files / Attachments access control [CVE-2018-1305]medium🔒--🔒
125647Oracle Agile Engineering Data Management Install (Apache Tomcat) access controlmedium🔒--🔒
125646Oracle Agile PLM Application Server improper authorization [CVE-2018-1258]medium🔒--🔒
125645Oracle Solaris Kernel access control [CVE-2018-3270]low🔒--🔒
125644Oracle Solaris Kernel access control [CVE-2018-2922]low🔒--🔒
125643Oracle Solaris Verified Boot access control [CVE-2018-3266]low🔒--🔒
125642Oracle Solaris SMB Server access control [CVE-2018-3269]medium🔒--🔒
125641Oracle Solaris Kernel access control [CVE-2018-3264]medium🔒--🔒
125640Oracle Solaris Zones access control [CVE-2018-3265]medium🔒--🔒
125639Oracle Solaris SMB Server access control [CVE-2018-3268]medium🔒--🔒
125638Oracle Solaris RPC access control [CVE-2018-3172]medium🔒--🔒
125637Oracle Solaris Kernel Zones access control [CVE-2018-3271]medium🔒--🔒
125636Oracle Solaris LFTP access control [CVE-2018-3267]medium🔒--🔒
125635Oracle Solaris Kernel null pointer dereference [CVE-2015-6937]medium🔒--🔒
125634Oracle Solaris Sudo access control [CVE-2018-3263]medium🔒--🔒
125633Oracle Solaris Kernel access control [CVE-2018-3274]medium🔒--🔒
125632Oracle Solaris Kernel Zones Virtualized NIC Driver access controlmedium🔒--🔒
125631Oracle Solaris LibKMIP access control [CVE-2018-3275]medium🔒--🔒
125630Oracle Solaris Kernel information disclosure [CVE-2016-5244]medium🔒--🔒
125629Oracle Solaris Remote Administration Daemon access control [CVE-2018-3273]medium🔒--🔒
125628Oracle SPARC Enterprise M9000 XCP Firmware integer overflow [CVE-2016-7167]high🔒--🔒
125627Oracle Fujitsu M10-1 XCP Firmware integer overflow [CVE-2016-7167]high🔒--🔒
125626Oracle Siebel CRM UI Framework access control [CVE-2018-3059]medium🔒---
125625Oracle Siebel CRM Marketing Apps access control [CVE-2018-1305]medium🔒--🔒
125624Oracle Siebel CRM UI Framework deserialization [CVE-2017-5645]high🔒--🔒
125623Oracle Retail Order Broker Upgrade Install access control [CVE-2018-1305]medium🔒--🔒
125622Oracle MICROS XBRi Retail access control [CVE-2018-1305]medium🔒--🔒
125621Oracle MICROS Retail-J Back Office access control [CVE-2018-2887]medium🔒---
125620Oracle Retail Xstore Point of Service Xenvironment incomplete blacklistmedium🔒--🔒
125619Oracle Retail Xstore Point of Service Xenvironment access controlmedium🔒---
125618Oracle Retail Open Commerce Platform Integrations access controlmedium🔒---
125617Oracle Retail Returns Management Apache Batik deserializationmedium🔒--🔒
125616Oracle Retail Point-of-Service Apache Batik deserialization [CVE-2018-8013]medium🔒--🔒
125615Oracle Retail Order Broker Upgrade Install deserialization [CVE-2018-8013]medium🔒--🔒
125614Oracle Retail Central Office Apache Batik deserialization [CVE-2018-8013]medium🔒--🔒
125613Oracle Retail Back Office Apache Batik deserialization [CVE-2018-8013]medium🔒--🔒
125612Oracle MICROS Retail-J Internal Operations access control [CVE-2018-2889]medium🔒---
125611Oracle Retail Sales Audit Operational Insights access controlmedium🔒---
125610Oracle Retail Open Commerce Platform jackson-databind deserializationmedium🔒--🔒
125609Oracle Retail Integration Bus RIB Kernal authorization [CVE-2018-1258]medium🔒--🔒
125608Oracle Retail Financial Integration PeopleSoft Integration Bugs authorizationmedium🔒--🔒
125607Oracle Retail Assortment Planning Application Core authorizationmedium🔒--🔒
125606Oracle MICROS Lucas Spring Framework authorization [CVE-2018-1258]medium🔒--🔒
125605Oracle Retail Sales Audit Operational Insights deserializationhigh🔒--🔒
125604Oracle Retail Predictive Application Server RPAS Fusion Client security check for standardhigh🔒--🔒
125603Oracle Retail Order Broker System Administration security check for standardhigh🔒--🔒
125602Oracle Retail Order Broker Order Broker Foundation access controlhigh🔒---
125601Oracle Retail Open Commerce Platform Spring Framework security check for standardhigh🔒--🔒
125600Oracle Retail Open Commerce Platform JasperReports access controlhigh🔒---
125599Oracle Retail Open Commerce Platform Apache Log4j deserializationhigh🔒--🔒
125598Oracle Retail Invoice Matching jackson-databind incomplete blacklisthigh🔒--🔒
125597Oracle Retail Extract Transform/Load Mathematical Operators deserializationhigh🔒--🔒
125596Oracle Retail Customer Management/Segmentation Foundation Internal Operations access controlhigh🔒--🔒
125595Oracle Retail Assortment Planning Application Core incomplete blacklisthigh🔒--🔒
125594Oracle Retail Allocation jackson-databind incomplete blacklisthigh🔒--🔒
125593Oracle MICROS Relate CRM Software Web Services access controlhigh🔒--🔒
125592Oracle PeopleSoft Enterprise PeopleTools Portal access controlmedium🔒---
125591Oracle PeopleSoft Enterprise PeopleTools Stylesheet access controlmedium🔒---
125590Oracle PeopleSoft Enterprise PeopleTools Portal access controlmedium🔒---
125589Oracle PeopleSoft Enterprise PeopleTools Portal access controlmedium🔒---
125588Oracle PeopleSoft Enterprise PeopleTools Performance Monitor access controlmedium🔒---
125587Oracle PeopleSoft Enterprise PeopleTools Integration Broker access controlmedium🔒---
125586Oracle PeopleSoft Enterprise PeopleTools Integration Broker access controlmedium🔒---
125585Oracle PeopleSoft Enterprise Interaction Hub Application Portal access controlmedium🔒---
125584Oracle PeopleSoft Enterprise PeopleTools Workflow access controlmedium🔒---
125583Oracle PeopleSoft Enterprise PeopleTools Rich Text Editor access controlmedium🔒---
125582Oracle PeopleSoft Enterprise PeopleTools Portal access controlmedium🔒---
125581Oracle PeopleSoft Enterprise PeopleTools Portal access controlmedium🔒---
125580Oracle PeopleSoft Enterprise PeopleTools Portal access controlmedium🔒---
125579Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access controlmedium🔒---
125578Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access controlmedium🔒---
125577Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access controlmedium🔒---
125576Oracle PeopleSoft Enterprise PeopleTools Fluid Core access controlmedium🔒---
125575Oracle PeopleSoft Enterprise PeopleTools Elastic Search access controlmedium🔒---
125574Oracle PeopleSoft Enterprise PeopleTools Activity Guide access controlmedium🔒---
125573Oracle PeopleSoft Enterprise PeopleTools Activity Guide access controlmedium🔒---
125572Oracle PeopleSoft Enterprise PeopleTools OpenSSL resource consumptionmedium🔒--🔒
125571Oracle PeopleSoft Enterprise PeopleTools SQR access control [CVE-2018-3165]medium🔒---
125570Oracle PeopleSoft Enterprise PeopleTools Query access controlmedium🔒---
125569Oracle PeopleSoft Enterprise PeopleTools Apache HTTP Server use after freemedium🔒--🔒
125568Oracle MySQL Server Privileges access control [CVE-2018-3286]medium🔒--🔒
125567Oracle MySQL Server Logging denial of service [CVE-2018-3283]medium🔒--🔒
125566Oracle MySQL Server InnoDB denial of service [CVE-2018-3284]medium🔒--🔒
125565Oracle MySQL Server Windows access control [CVE-2018-3285]medium🔒--🔒
125564Oracle MySQL Server Storage Engines access control [CVE-2018-3282]medium🔒--🔒
125563Oracle MySQL Server Roles access control [CVE-2018-3279]medium🔒--🔒
125562Oracle MySQL Server RBR access control [CVE-2018-3278]medium🔒--🔒
125561Oracle MySQL Server Partition access control [CVE-2018-3161]medium🔒--🔒
125560Oracle MySQL Server Optimizer access control [CVE-2018-3186]medium🔒--🔒
125559Oracle MySQL Server Memcached access control [CVE-2018-3276]medium🔒--🔒
125558Oracle MySQL Server JSON access control [CVE-2018-3280]medium🔒--🔒
125557Oracle MySQL Server Information Schema access control [CVE-2018-3212]medium🔒--🔒
125556Oracle MySQL Server DDL access control [CVE-2018-3170]medium🔒--🔒
125555Oracle MySQL Server InnoDB access control [CVE-2018-3200]medium🔒--🔒
125554Oracle MySQL Server InnoDB access control [CVE-2018-3173]medium🔒--🔒
125553Oracle MySQL Server InnoDB access control [CVE-2018-3162]medium🔒--🔒
125552Oracle MySQL Server InnoDB access control [CVE-2018-3277]medium🔒--🔒
125551Oracle MySQL Server Partition access control [CVE-2018-3171]medium🔒--🔒
125550Oracle MySQL Server Client programs access control [CVE-2018-3174]medium🔒--🔒
125549Oracle MySQL Server Optimizer access control [CVE-2018-3187]medium🔒--🔒
125548Oracle MySQL Server Merge access control [CVE-2018-3247]medium🔒--🔒
125547Oracle MySQL Server DDL access control [CVE-2018-3195]medium🔒--🔒
125546Oracle MySQL Server InnoDB access control [CVE-2018-3185]medium🔒--🔒
125545Oracle MySQL Server Audit access control [CVE-2018-3144]medium🔒--🔒
125544Oracle MySQL Server Parser access control [CVE-2018-3145]medium🔒--🔒
125543Oracle MySQL Server Parser access control [CVE-2018-3133]medium🔒--🔒
125542Oracle MySQL Server Optimizer access control [CVE-2018-3203]medium🔒--🔒
125541Oracle MySQL Server Optimizer access control [CVE-2018-3137]medium🔒--🔒
125540Oracle MySQL Server DML access control [CVE-2018-3182]medium🔒--🔒
125539Oracle MySQL Server InnoDB access control [CVE-2018-3251]medium🔒--🔒
125538Oracle MySQL Server InnoDB access control [CVE-2018-3156]medium🔒--🔒
125537Oracle MySQL Server InnoDB access control [CVE-2018-3143]medium🔒--🔒
125536Oracle MySQL Server Parser access control [CVE-2018-3155]medium🔒--🔒
125535Oracle MySQL Server InnoDB numeric error [CVE-2016-9843]medium🔒--🔒
125534Oracle MySQL Enterprise Monitor Monitoring authorization [CVE-2018-1258]medium🔒--🔒
125533Oracle MySQL Connectors Connector/J access control [CVE-2018-3258]medium🔒--🔒
125532Oracle MySQL Enterprise Monitor Monitoring 7pk security [CVE-2018-8014]high🔒--🔒
125531Oracle MySQL Enterprise Monitor Monitoring input validation [CVE-2018-11776]high🔒--🔒
125530Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure resource consumptionmedium🔒--🔒
125529Oracle JD Edwards EnterpriseOne Tools Monitoring/Diagnostics deserializationmedium🔒--🔒
125528Oracle JD Edwards EnterpriseOne Tools Business Logic Inf deserializationmedium🔒--🔒
125527Oracle JD Edwards EnterpriseOne Tools Web Runtime incomplete blacklisthigh🔒--🔒
125526Oracle JD Edwards EnterpriseOne Tools EnterpriseOne Mobility incomplete blacklisthigh🔒--🔒
125525Oracle JD Edwards EnterpriseOne Orchestrator IoT Orchestrator Security incomplete blacklisthigh🔒--🔒
125524Oracle Java SE Networking access control [CVE-2018-3139]low🔒--🔒
125523Oracle Java SE Security access control [CVE-2018-3136]low🔒--🔒
125522Oracle Java SE Deployment divide by zero [CVE-2018-13785]low🔒--🔒
125521Oracle Java SE Utility access control [CVE-2018-3150]low🔒--🔒
125520Oracle Java SE Sound access control [CVE-2018-3157]low🔒--🔒
125519Oracle Java SE Sound access control [CVE-2018-3214]medium🔒--🔒
125518Oracle Java SE JSSE access control [CVE-2018-3180]medium🔒--🔒
125517Oracle Java SE Serviceability access control [CVE-2018-3211]medium🔒--🔒
125516Oracle Java SE JNDI access control [CVE-2018-3149]medium🔒--🔒
125515Oracle Java SE Hotspot access control [CVE-2018-3169]medium🔒--🔒
125514Oracle Java SE JavaFX access control [CVE-2018-3209]medium🔒--🔒
125513Oracle Java SE Scripting access control [CVE-2018-3183]high🔒--🔒
125512Oracle Insurance Calculation Engine Architecture deserializationmedium🔒--🔒
125511Oracle Insurance Rules Palette security check for standard [CVE-2018-1275]high🔒--🔒
125510Oracle Insurance Rules Palette deserialization [CVE-2017-5645]high🔒--🔒
125509Oracle Insurance Calculation Engine security check for standardhigh🔒--🔒
125508Oracle Insurance Calculation Engine deserialization [CVE-2017-5645]high🔒--🔒
125507Oracle iLearning Learner Administration access control [CVE-2018-3146]medium🔒---
125506Oracle Hyperion BI+ access control [CVE-2018-3184]low🔒---
125505Oracle Hyperion Essbase Administration Services access controlmedium🔒---
125504Oracle Hyperion Essbase Administration Services access controlmedium🔒---
125503Oracle Hyperion Common Events access control [CVE-2018-3178]medium🔒---
125502Oracle Hyperion Common Events access control [CVE-2018-3177]medium🔒---
125501Oracle Hyperion Common Events access control [CVE-2018-3176]medium🔒---
125500Oracle Hyperion Common Events access control [CVE-2018-3175]medium🔒---
125499Oracle Hyperion Essbase Administration Services access controlmedium🔒---
125498Oracle Hyperion Data Relationship Management access control [CVE-2018-3208]medium🔒---
125497Oracle Hospitality Cruise Shipboard Property Management System OHC ENOAD access controlmedium🔒---
125496Oracle Hospitality Guest Access jQuery cross site scripting [CVE-2015-9251]medium🔒--🔒
125495Oracle Hospitality Cruise Fleet Management Sender/Receiver access controlmedium🔒---
125494Oracle Hospitality Guest Access Apache Tomcat access controlmedium🔒--🔒
125493Oracle Hospitality Cruise Fleet Management Emergency Response System access controlmedium🔒---
125492Oracle Hospitality Cruise Fleet Management Emergency Response System access controlmedium🔒---
125491Oracle Hospitality Cruise Fleet Management Emergency Response System access controlmedium🔒---
125490Oracle Hospitality Cruise Shipboard Property Management System OHC Admin/OHC Management access controlmedium🔒---
125489Oracle Hospitality Guest Access Spring Framework authorizationmedium🔒--🔒
125488Oracle Healthcare Translational Research Cohort Explorer cross site scriptingmedium🔒--🔒
125487Oracle WebLogic Server Console information disclosure [CVE-2018-2902]medium🔒--🔒
125486Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125485Oracle Virtual Directory Virtual Directory Manager access controlmedium🔒---
125484Oracle WebCenter Portal WebCenter Spaces Application access controlmedium🔒---
125483Oracle GlassFish Server Java Server Faces access control [CVE-2018-3210]medium🔒--🔒
125482Oracle Endeca Information Discovery Integrator Integrator ETL access controlmedium🔒---
125481Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3250]medium🔒--🔒
125480Oracle WebCenter Sites Advanced UI cross site scripting [CVE-2015-9251]medium🔒--🔒
125479Oracle Service Bus OSB Core Functionality cross site scriptingmedium🔒--🔒
125478Oracle Fusion Middleware MapViewer Install cross site scriptingmedium🔒---
125477Oracle Endeca Information Discovery Studio jQuery cross site scriptingmedium🔒--🔒
125476Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3248]medium🔒--🔒
125475Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3249]medium🔒--🔒
125474Oracle WebCenter Sites Advanced UI access control [CVE-2018-1305]medium🔒--🔒
125473Oracle Endeca Server Product Code resource consumption [CVE-2018-0739]medium🔒--🔒
125472Oracle WebCenter Sites Advanced UI access control [CVE-2018-3238]medium🔒---
125471Oracle Outside In Technology Outside In Filters memory corruptionmedium🔒---
125470Oracle Outside In Technology Outside In Filters memory corruptionmedium🔒---
125469Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125468Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125467Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125466Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125465Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125464Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125463Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125462Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125461Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125460Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125459Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125458Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125457Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125456Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125455Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125454Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125453Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125452Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125451Oracle Outside In Technology Outside In Filters access controlmedium🔒---
125450Oracle Identity Analytics Core Components access control [CVE-2018-3168]medium🔒---
125449Oracle Identity Manager Advanced Console access control [CVE-2018-3179]medium🔒--🔒
125448Oracle Enterprise Repository Security Subsystem deserializationmedium🔒--🔒
125447Oracle Business Intelligence Enterprise Edition Apache Batik deserializationmedium🔒--🔒
125446Oracle WebLogic Server Docker Images access control [CVE-2018-3213]medium🔒--🔒
125445Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3246]medium🔒--🔒
125444Oracle Tuxedo Docs-ATMI-IB key management [CVE-2018-0732]medium🔒--🔒
125443Oracle HTTP Server Web Listener memory corruption [CVE-2018-1000300]medium🔒--🔒
125442Oracle GlassFish Server Administration access control [CVE-2018-3152]medium🔒--🔒
125441Oracle Directory Server Enterprise Edition Admin Console use after freemedium🔒--🔒
125440Oracle Real-Time Decision Server Platform Installation input validationmedium🔒--🔒
125439Oracle Business Intelligence Enterprise Edition Analytics Server access controlmedium🔒--🔒
125438Oracle Adaptive Access Manager OAAM Server input validation [CVE-2016-1182]medium🔒--🔒
125437Oracle GlassFish Server Java Server Faces access control [CVE-2018-2911]medium🔒--🔒
125436Oracle WebLogic Server Spring Framework authorization [CVE-2018-1258]medium🔒--🔒
125435Oracle Endeca Information Discovery Integrator Spring Framework authorizationmedium🔒--🔒
125434Oracle WebLogic Server WLS Core Components access control [CVE-2018-3252]high🔒--🔒
125433Oracle WebLogic Server WLS Core Components access control [CVE-2018-3245]high🔒--🔒
125432Oracle WebLogic Server WLS Core Components access control [CVE-2018-3201]high🔒--🔒
125431Oracle WebLogic Server WLS Core Components access control [CVE-2018-3197]high🔒--🔒
125430Oracle WebLogic Server WLS Core Components access control [CVE-2018-3191]high🔒--🔒
125429Oracle Identity Manager Installer deserialization [CVE-2017-15095]high🔒--🔒
125428Oracle Identity Management Suite Apache Log4j deserializationhigh🔒--🔒
125427Oracle Identity Analytics Apache Log4j deserialization [CVE-2017-5645]high🔒--🔒
125426Oracle GoldenGate for Big Data Spring Framework security check for standardhigh🔒--🔒
125425Oracle Big Data Discovery Spring Framework security check for standardhigh🔒--🔒
125424Oracle API Gateway Apache Log4j deserialization [CVE-2017-5645]high🔒--🔒
125423Oracle BI Publisher Apache Log4j deserialization [CVE-2017-5645]high🔒--🔒
125422Oracle MICROS PC Workstation 2015 BIOS information disclosuremedium🔒--🔒
125421Oracle Hospitality Materials Control MobileAuthWebService cross site scriptingmedium🔒--🔒
125420Oracle Hospitality Gift/Loyalty Report access control [CVE-2018-3131]medium🔒---
125419Oracle Hospitality Reporting/Analytics Report access controlmedium🔒---
125418Oracle Banking Platform jQuery cross site scripting [CVE-2015-9251]medium🔒--🔒
125417Oracle Banking Platform jackson-databind deserialization [CVE-2018-12023]medium🔒--🔒
125416Oracle Enterprise Manager Base Platform Discovery Framework resource consumptionmedium🔒--🔒
125415Oracle Enterprise Manager for MySQL Database EM Plugin authorizationmedium🔒--🔒
125414Oracle Configuration Manager Collector of Config/Diag deserializationhigh🔒--🔒
125413Oracle Enterprise Manager Ops Center Jython deserialization [CVE-2016-4000]high🔒--🔒
125412Oracle E-Business Suite Oracle Applications Framework access controlmedium🔒--🔒
125411Oracle E-Business Suite Oracle Email Center access control [CVE-2018-3256]medium🔒--🔒
125410Oracle E-Business Suite Oracle Applications Manager information disclosuremedium🔒--🔒
125409Oracle E-Business Suite Oracle Application Object Library access controlmedium🔒--🔒
125408Oracle E-Business Suite access control [CVE-2018-3167]medium🔒--🔒
125407Oracle E-Business Suite Oracle User Management access controlmedium🔒--🔒
125406Oracle E-Business Suite Oracle iProcurement access control [CVE-2018-3151]medium🔒--🔒
125405Oracle E-Business Suite Oracle Trade Management access controlmedium🔒--🔒
125404Oracle E-Business Suite Oracle Partner Management access controlmedium🔒--🔒
125403Oracle E-Business Suite Oracle Marketing access control [CVE-2018-3242]medium🔒--🔒
125402Oracle E-Business Suite Oracle iStore access control [CVE-2018-3188]medium🔒--🔒
125401Oracle E-Business Suite Oracle E-Business Intelligence access controlmedium🔒--🔒
125400Oracle E-Business Suite Oracle Customer Interaction History access controlmedium🔒--🔒
125399Oracle E-Business Suite Oracle Applications Manager access controlmedium🔒--🔒
125398Oracle E-Business Suite Oracle Applications Framework access controlmedium🔒--🔒
125397Oracle E-Business Suite Oracle Application Object Library access controlmedium🔒--🔒
125396Oracle Construction/Engineering Suite input validation [CVE-2018-11039]medium🔒--🔒
125395Oracle Construction/Engineering Suite Primavera Unifier access controlmedium🔒--🔒
125394Oracle Construction/Engineering Suite access control [CVE-2018-3281]medium🔒--🔒
125393Oracle Construction/Engineering Suite access control [CVE-2018-3241]medium🔒--🔒
125392Oracle Construction/Engineering Suite Primavera Gateway cross site scriptingmedium🔒--🔒
125391Oracle Construction/Engineering Suite Instantis EnterpriseTrack access controlmedium🔒--🔒
125390Oracle Construction/Engineering Suite Instantis EnterpriseTrack deserializationmedium🔒--🔒
125389Oracle Construction/Engineering Suite Primavera Unifier deserializationmedium🔒--🔒
125388Oracle Construction/Engineering Suite Primavera Gateway incomplete blacklisthigh🔒--🔒
125387Oracle Construction/Engineering Suite Primavera Gateway security check for standardhigh🔒--🔒
125386Oracle Communications Performance Intelligence Center (PIC) Software resteasy-jaxrs xml external entity referencemedium🔒---
125385Oracle Communications Performance Intelligence Center (PIC) Software OpenSSL information disclosuremedium🔒---
125384Oracle Communications Application Session Controller OpenSSL cryptographic issuesmedium🔒---
125383Oracle Communications Performance Intelligence Center (PIC) Software Apache Trinidad deserializationmedium🔒---
125382Oracle Communications Performance Intelligence Center (PIC) Software Objective System ASN1C integer overflowmedium🔒---
125381Oracle Communications MetaSolv Solution Print Preview deserializationmedium🔒--🔒
125380Oracle Communications Instant Messaging Server jackson-databind deserializationmedium🔒---
125379Oracle Communications Performance Intelligence Center (PIC) Software Apache Struts 1 input validationmedium🔒---
125378Oracle Communications Performance Intelligence Center (PIC) Software Spring Framework Remote Privilege Escalationmedium🔒---
125377Oracle Communications Performance Intelligence Center (PIC) Software Apache Commons Collections deserializationmedium🔒---
125376Oracle Communications Application Session Controller Apache Commons Collections deserializationmedium🔒---
125375Oracle Communications User Data Repository Apache Xerces memory corruptionhigh🔒---
125374Oracle Communications Messaging Server Convergence deserializationhigh🔒---
125373Oracle Communications Application Session Controller Glibc Ghost memory corruptionhigh🔒---
125372Oracle GoldenGate Manager null pointer dereference [CVE-2018-2914]medium🔒---
125371Oracle GoldenGate Manager null pointer dereference [CVE-2018-2912]medium🔒---
125370Oracle GoldenGate Monitoring Manager memory corruption [CVE-2018-2913]high🔒---
125369Oracle Big Data Graph Spatial deserialization [CVE-2016-6814]high🔒--🔒
125368Oracle Database Server Rapid Home Provisioning incomplete blacklistlow🔒--🔒
125367Oracle Database Server Oracle Text access control [CVE-2018-3299]medium🔒--🔒
125366Oracle Database Server Java VM access control [CVE-2018-3259]high🔒--🔒
125365libssh SSH2_MSG_USERAUTH_SUCCESS Message improper authenticationhigh🔒--🔒
125364VMware ESXi/Workstation/Fusion SVGA out-of-bounds read [CVE-2018-6974]medium🔒--🔒
125363Neo4j Enterprise Database Server LDAP improper authenticationmedium🔒---
125362Asciidoctor resource management [CVE-2018-18385]low🔒---
125361Info-ZIP UnZIP ZIP Archive list.c memory corruptionmedium🔒---
125360BigTree CMS Image Upload Stored cross site scriptinglow🔒---
125359AlchemyCMS Image Field pictures Stored cross site scriptinglow🔒---
125358IBM WebSphere Application Server Web UI cross site scriptinglow🔒---
125357Pydio Web Application command injection [CVE-2018-14772]medium🔒---
125356Atlassian FishEye/Crucible Windows Installer permission [CVE-2018-13399]medium🔒---
125355Amazon Kindle Fire HD Kernel twl6030-gpadc.c argument injectionlow🔒---
125354Amazon Kindle Fire HD Kernel gcif.c argument injectionlow🔒---
125353Amazon Kindle Fire HD Kernel gcif.c argument injectionlow🔒---
125352Amazon Kindle Fire HD Kernel gcif.c argument injectionlow🔒---
125351Amazon Kindle Fire HD Kernel device.c argument injectionlow🔒---
125350Amazon Kindle Fire HD Kernel rpmsg_omx.c argument injectionlow🔒---
125349Amazon Kindle Fire HD Kernel gcif.c argument injectionlow🔒---
125348QEMU NE2000 NIC Emulation integer overflow [CVE-2018-10839]medium🔒--🔒
125347Advanced HRM Picture input validation [CVE-2018-18382]medium🔒---
125346Z-BlogPHP Image Attachment c_system_admin.php Stored cross site scriptinglow🔒---
125345Orange AirBox setReset 7pk securitymedium🔒---
125344Orange AirBox getWlanClientInfo information disclosurelow🔒---
125343Orange AirBox APN Data getProfileList credentials managementlow🔒---
125342MetInfo index.php cross site scriptinglow🔒---
125341nc-cms cross site scripting [CVE-2018-18361]low🔒---
125340Camaleo CMS User Settings Stored cross site scriptinglow🔒---
125339LUYA CMS create-page Stored cross site scriptinglow🔒---
125338Artifex Ghostscript Sandbox Protection Mechanism information disclosuremedium🔒--🔒
125337NoMachine wintab32.dll untrusted search path [CVE-2018-17980]low🔒---
125336Artifex Ghostscript Sandbox Protection Mechanism access controlmedium🔒--🔒
125335Teltonika RUT9XX Serial Interface access control [CVE-2018-17534]medium🔒---
125334Teltonika RUT9XX hotspotlogin.cgi cross site scriptinglow🔒---
125333Teltonika RUT9XX autologin.cgi os command injectionmedium🔒---
125332IBM Security Key Lifecycle Manager XML Data xml external entity referencemedium🔒---
125331IBM Security Key Lifecycle Manager path traversal [CVE-2018-1744]medium🔒---
125330Ivanti Workspace Control DataStore cryptographic issues [CVE-2018-15593]low🔒---
125329Ivanti Workspace Control access control [CVE-2018-15592]medium🔒---
125328Ivanti Workspace Control Application Whitelisting access controlmedium🔒---
125327Ivanti Workspace Control 7pk security [CVE-2018-15590]medium🔒---
125326Agentejo Cockpit api path traversalmedium🔒---
125325Agentejo Cockpit cross-site request forgery [CVE-2018-15539]low🔒---
125324Agentejo Cockpit cross site scripting [CVE-2018-15538]low🔒---
125323Cisco ClamAV MEW Unpacker mew.c unmew11 Memory out-of-bounds readlow🔒--🔒
125322Intel Graphics Drivers Unified Shader Compiler access controllow🔒---
125321MoinMoin GUI Editor cross site scripting [CVE-2017-5934]low🔒--🔒
125320CentOS Web Panel CentOS-WebPanel.com cross site scriptinglow🔒---
125319CentOS Web Panel index.php path traversalmedium🔒---
125318CentOS Web Panel CentOS-WebPanel.com command injectionmedium🔒---
125317Merlin.PHP exec.php input validationmedium🔒---
125316Merlin.PHP input validation [CVE-2018-18319]medium🔒---
125315Qiku 360 Phone N6 Pro Kernel Module mmcblk0rpmb null pointer dereferencelow🔒---
125314DESHANG DSCMS add.html cross-site request forgerylow🔒---
125313emlog cross-site request forgery [CVE-2018-18316]low🔒---
125312lemon CdnController.java copyMultipartFileToFile unrestricted uploadmedium🔒---
125311elfutils libdwfl dwfl_segment_report_module.c memory corruptionlow🔒--🔒
125310GNU binutils libbfd reloc.c memory corruptionlow🔒---
125309MetInfo index.php cross site scriptinglow🔒---
125308Asus RT-AC58U Advanced_ASUSDDNS_Content.asp cross site scriptinglow🔒---
125307nc-cms HTML Source Editor cross site scripting [CVE-2018-18290]low🔒---
125306Mesliat Zabbix Plugin information disclosure [CVE-2018-18289]low🔒---
125305Asus RT-AC58U HTML Source Code Main_Login.asp information disclosurelow🔒---
125304Next.js Error Page _error cross site scriptinglow🔒---
125303pdfalto XmlAltoOutputDev.cc addAttributsNode memory corruptionmedium🔒---
125302CMS Made Simple Article moduleinterface.php cross site scriptinglow🔒---
125301CMS Made Simple Article moduleinterface.php cross site scriptinglow🔒---
125300WAGO 750-881 SNMP Configuration snmp.ssi cross site scriptinglow🔒---
125299Adobe Acrobat Reader out-of-bounds write [CVE-2018-15938]medium🔒--🔒
125298Adobe Acrobat Reader out-of-bounds write [CVE-2018-15936]medium🔒--🔒
125297Adobe Acrobat Reader out-of-bounds write [CVE-2018-15935]medium🔒--🔒
125296Adobe Acrobat Reader out-of-bounds write [CVE-2018-15934]medium🔒--🔒
125295Adobe Acrobat Reader out-of-bounds write [CVE-2018-15933]medium🔒--🔒
125294Adobe Acrobat Reader out-of-bounds write [CVE-2018-15929]medium🔒--🔒
125293Adobe Acrobat Reader out-of-bounds write [CVE-2018-15928]medium🔒--🔒
125292Cloud Foundry CF Networking Release API Endpoint sql injectionmedium🔒---
125291Foreman Breadcrumbs Bar Stored cross site scriptinglow🔒---
125290Adobe Acrobat Reader out-of-bounds write [CVE-2018-12868]medium🔒--🔒
125289Adobe Acrobat Reader out-of-bounds write [CVE-2018-12865]medium🔒--🔒
125288Adobe Acrobat Reader out-of-bounds write [CVE-2018-12864]medium🔒--🔒
125287Adobe Acrobat Reader out-of-bounds write [CVE-2018-12862]medium🔒--🔒
125286Palo Alto PAN-OS GlobalProtect Portal cross site scripting [CVE-2018-10141]low🔒---
125285BlackBerry Management Console UEM information disclosure [CVE-2018-8890]low🔒---
125284Yokogawa STARDOM Controllers Session Management session fixiationlow🔒---
125283Yokogawa STARDOM Controllers Web Application Credentials credentials managementlow🔒---
125282Yokogawa STARDOM Controller resource consumption [CVE-2018-17898]low🔒---
125281Yokogawa STARDOM Controller hard-coded credentials [CVE-2018-17896]medium🔒---
125280NUUO CMS hard-coded credentials [CVE-2018-17894]medium🔒---
125279NUUO CMS User Account Control access control [CVE-2018-17892]medium🔒---
125278NUUO CMS Remote Code Execution [CVE-2018-17890]medium🔒---
125277NUUO CMS Session random values [CVE-2018-17888]medium🔒---
125276Micro Focus Enterprise Developer/Enterprise Server HTTP Request Parameter null pointer dereferencelow🔒---
125275IBM FileNet Content Manager XML Data xml external entity referencemedium🔒---
125274IBM WebSphere Application Server path traversal [CVE-2018-1770]medium🔒--🔒
125273IBM Rational Publishing Engine Web UI cross site scripting [CVE-2018-1534]low🔒---
125272IBM Rational Publishing Engine Web UI cross site scripting [CVE-2018-1533]low🔒---
125271IBM WebSphere Application Server IBM Cloud Password information disclosurelow🔒---
125270Wireshark MS-WSP Protocol Dissector packet-mswsp.c null pointer dereferencelow🔒--🔒
125269Wireshark Steam IHS Discovery Dissector packet-steam-ihs-discovery.c resource managementlow🔒--🔒
125268Wireshark CoAP Dissector packet-coap.c input validationlow🔒--🔒
125267IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1673]low🔒---
125266IBM BigFix Platform Credential Storage credentials managementlow🔒---
125265Blueimp jQuery-File-Upload File Upload unrestricted upload [CVE-2018-9206]medium🔒--🔒
125264BageCMS code injection [CVE-2018-18258]medium🔒---
125263BageCMS path traversal [CVE-2018-18257]medium🔒---
125262youke365 login.html sql injectionmedium🔒---
125261Pippo XstreamEngine input validation [CVE-2018-18240]medium🔒---
125260youke365 user.html cross-site request forgerylow🔒---
125259Delta Industrial Automation TPEditor Project File memory corruptionmedium🔒---
125258Delta Industrial Automation TPEditor Project File out-of-bounds writemedium🔒---
125257IBM Security Key Lifecycle Manager SKLM Server improper authenticationlow🔒---
125256IBM Security Key Lifecycle Manager Authentication Mechanism improper authenticationmedium🔒---
125255IBM Spectrum LSF File Permission access control [CVE-2018-1724]medium🔒---
125254IBM Spectrum Symphony Web UI information disclosure [CVE-2018-1708]low🔒---
125253IBM Spectrum Symphony Web UI cross site scripting [CVE-2018-1706]low🔒---
125252Dell Encryption/Endpoint Security Suite Enterprise Group Policy 7pk securitylow🔒---
125251Whale Browser Installer untrusted search path [CVE-2018-12449]low🔒---
125250Corsair Utility Engine CorsairService permission [CVE-2018-12441]low🔒---
125249Microsoft .NET Core information disclosure [CVE-2018-8292]low🔒--🔒
125248Apache ActiveMQ Web-based Administration Console queue.jsp cross site scriptingmedium🔒--🔒
125247PbootCMS sql injection [CVE-2018-18211]medium🔒---
125246DiliCMS cross site scripting [CVE-2018-18210]low🔒---
125245DiliCMS cross site scripting [CVE-2018-18209]low🔒---
125244Virtualmin webmin_search.cgi cross site scriptinglow🔒---
125243Virtualmin settings-editor_read.cgi Frame injectionlow🔒---
125242Responsive FileManager dialog.php Reflected cross site scriptinglow🔒---
125241Responsive FileManager Interface dialog.php improper authenticationmedium🔒---
125240Gigasoft GE iFIX 7pk security [CVE-2018-17925]medium🔒---
125239Hangzhou Xiongmai XMeye P2P Cloud Server hard-coded credentialsmedium🔒---
125238Hangzhou Xiongmai XMeye P2P Cloud Server MAC Address information disclosurelow🔒---
125237Hangzhou Xiongmai XMeye P2P Cloud Server cryptographic issuesmedium🔒---
125236SugarCRM Community Edition YUI/FlashCanvas cross site scriptinglow🔒---
125235Intelbras NPLUG SSID cross site scripting [CVE-2018-17337]low🔒---
125234tinc VPN Packet cryptographic issues [CVE-2018-16758]medium🔒--🔒
125233tinc Authentication Protocol improper authentication [CVE-2018-16738]low🔒--🔒
125232tinc Authentication Protocol improper authentication [CVE-2018-16737]low🔒--🔒
125231F5 BIG-IP LRO resource management [CVE-2018-15311]low🔒--🔒
125230Siemens SIMATIC ET/SIMATIC S7-1500/SIMATIC S7-1500 Network Stack resource consumptionlow🔒---
125229Siemens ROX II SSH Interface command injection [CVE-2018-13802]medium🔒---
125228Siemens ROX II Service Port 22 access control [CVE-2018-13801]medium🔒---
125227Siemens SIMATIC S7-1200 Web Interface cross-site request forgerylow🔒---
125226Descor Infocad FM Web Service 7pk security [CVE-2018-13789]low🔒---
125225EPiServer Ektron CMS activateuser.aspx access controlmedium🔒---
125224Eclipse Vert.x OpenAPI XML Parser xml external entity referencemedium🔒---
125223Eclipse Vert.x StaticHandler path traversalmedium🔒---
125222Eclipse Vert.x memory corruption [CVE-2018-12541]low🔒---
125221Intelbras NPLUG Web Interface cross-site request forgery [CVE-2018-12456]low🔒---
125220Intelbras NPLUG Web Interface improper authentication [CVE-2018-12455]medium🔒---
125219TIBCO Spotfire Statistics Services Web Server privileges managementmedium🔒---
125218Intel QuickAssist Technology for Linux Access Control information disclosurelow🔒---
125217Intel Server Board/Server System/Compute Module Access Protection access controlmedium🔒---
125216Intel S7200AP/S7200APR/HNS7200AP/HNS7200AP Password Hashing credentials managementlow🔒---
125215Intel Rapid Web Server information disclosure [CVE-2018-12161]low🔒---
125214Intel NUC FW Kit BIOS Update Utility input validation [CVE-2018-12158]medium🔒---
125213Intel Graphics Drivers Unified Shader Compiler input validationlow🔒---
125212Intel Graphics Drivers Unified Shader Compile memory corruptionmedium🔒---
125211Intel NVMe/RSTe Driver Pack Installer access control [CVE-2018-12131]medium🔒---
125210Juniper Junos Management Interface resource consumption [CVE-2018-0063]low🔒---
125209Juniper Junos J-Web Service input validation [CVE-2018-0062]low🔒---
125208Juniper Junos resource consumption [CVE-2018-0061]low🔒---
125207Juniper Junos dcd input validation [CVE-2018-0060]low🔒---
125206Juniper ScreenOS Graphical User Interface Persistent cross site scriptinglow🔒--🔒
125205Juniper Junos IPv6 Exception Packet input validation [CVE-2018-0058]low🔒---
125204Juniper Junos BBE input validation [CVE-2018-0057]low🔒---
125203Juniper Junos L2ALD input validation [CVE-2018-0056]low🔒---
125202Juniper Junos DHCP Service input validation [CVE-2018-0055]low🔒---
125201Juniper Junos Management Interface resource consumption [CVE-2018-0054]low🔒---
125200Juniper Junos Boot Sequence improper authentication [CVE-2018-0053]medium🔒---
125199Juniper Junos RSH Service improper authentication [CVE-2018-0052]high🔒---
125198Juniper Junos SIP Application Layer Gateway input validationlow🔒---
125197Juniper Junos RPD input validation [CVE-2018-0050]low🔒---
125196Juniper Junos Kernel null pointer dereference [CVE-2018-0049]medium🔒---
125195Juniper Junos RPD resource consumption [CVE-2018-0048]low🔒--🔒
125194Juniper Junos Space Security Director UI Framework Persistent cross site scriptinglow🔒---
125193Juniper Junos Space OpenNMS Reflected cross site scriptinglow🔒---
125192Juniper Junos RPD input validation [CVE-2018-0045]medium🔒---
125191Juniper Junos JDM improper authentication [CVE-2018-0044]low🔒---
125190Juniper Junos RPD input validation [CVE-2018-0043]low🔒--🔒
125189Facebook WhatsApp Messenger RTP Packet heap-based overflowmedium🔒---
125188Huawei MyCloud APP Factory Reset Protection access control [CVE-2018-7928]medium🔒---
125187EpiCentro Login Form login code injectionlow🔒---
125186EpiCentro httpd memory corruption [CVE-2018-7632]medium🔒---
125185EpiCentro httpd memory corruption [CVE-2018-7631]medium🔒---
125184VMware ESXi/Workstation/Fusion 3d Rendering Shader resource consumptionlow🔒---
125183Kubernetes apiserver access control [CVE-2018-2475]medium🔒---
125182SAP Fiori cross-site request forgery [CVE-2018-2474]low🔒---
125181SAP Business Intelligence Web Intelligence DHTML Client cross site scriptinglow🔒---
125180SAP Business Intelligence information disclosure [CVE-2018-2471]low🔒---
125179SAP NetWeaver Application Server for ABAP cross site scriptinglow🔒---
125178SAP Adaptive Server Enterprise information disclosure [CVE-2018-2469]low🔒---
125177SAP Adaptive Server Enterprise Backup Server information disclosuremedium🔒---
125176SAP BusinessObjects BI Platform Servers SDK Path information disclosurelow🔒---
125175SAP Data Services Management Console cross site scripting [CVE-2018-2466]low🔒---
125174Bytom net.go checkTopicRegister integer overflowlow🔒---
125173QLogic 4Gb Fibre Channel/4-8Gb SAN credentials management [CVE-2018-18202]medium🔒---
125172qibosoft cross-site request forgery [CVE-2018-18201]low🔒---
125171Redaxo Benutzerverwaltung sql injection [CVE-2018-18200]medium🔒---
125170Redaxo Mediamanager cross site scripting [CVE-2018-18199]low🔒---
125169Redaxo index.php cross site scriptinglow🔒---
125168libgig DLS.cpp Sampler memory corruptionmedium🔒---
125167libgig RIFF.cpp GetListTypeString out-of-bounds readmedium🔒---
125166libgig DLS.cpp Sample divide by zerolow🔒---
125165libgig DLS.cpp GetSample out-of-bounds readmedium🔒---
125164libgig DLS.cpp File memory corruptionmedium🔒---
125163libgig DLS.cpp GetFirstSample out-of-bounds readlow🔒---
125162dayrui FineCMS cross-site request forgery [CVE-2018-18191]low🔒---
125161GoPro gpmf-parser GPMF_parser.c GPMF_ScaledData divide by zerolow🔒---
125160OpenJPEG convert.c imagetopnm null pointer dereferencelow🔒--🔒
125159Bixie Portfolio Plugin ${project_title} cross site scriptinglow🔒---
125158EmpireCMS File Upload moddofun.php LoadInMod unrestricted uploadmedium🔒---
125157DuomiCMS ajax.php sql injectionmedium🔒---
125156DuomiCMS search.php code injectionmedium🔒---
125155Waimai Super CMS cross site scripting [CVE-2018-18082]low🔒---
125154Wikidforum rpc.php sql injectionmedium🔒---
125153Requests Package credentials management [CVE-2018-18074]low🔒--🔒
125152Navigate CMS navigate.php Stored cross site scriptinglow🔒---
125151QEMU net.c qemu_deliver_packet_iov integer overflowmedium🔒--🔒
125150QEMU pcnet.c pcnet_receive memory corruptionmedium🔒--🔒
125149QEMU rtl8139.c rtl8139_do_receive integer overflowmedium🔒--🔒
125148Ultimate Member - User Profile / Membership Plugin um-actions-login.php cross site scriptinglow🔒---
125147Joomla CMS com_contact 7pk security [CVE-2018-17859]medium🔒--🔒
125146Joomla CMS com_installer cross-site request forgery [CVE-2018-17858]low🔒--🔒
125145Joomla CMS Tags Search access control [CVE-2018-17857]medium🔒--🔒
125144Joomla CMS com_joomlaupdate input validation [CVE-2018-17856]medium🔒--🔒
125143Joomla CMS Registration access control [CVE-2018-17855]medium🔒--🔒
125142Telegram Messenger Biometric Validation keyGenerator improper authentication [Disputed]medium🔒---
125141Telegram Messenger improper authentication [CVE-2018-15542] [Disputed]medium🔒---
125140Red Hat Ceph Storage ceph-isci-cli rbd-target-api privileges managementmedium🔒--🔒
125139D-Link DIR-809 A1/DIR-809 A2/Guest Zone credentials managementmedium🔒---
125138D-Link DIR-809 A1/DIR-809 A2/Guest Zone improper authenticationmedium🔒---
125137openSUSE Open Build Service Request ID input validation [CVE-2018-12479]low🔒---
125136openSUSE Open Build Service input validation [CVE-2018-12478]medium🔒---
125135openSUSE Open Build Service crlf injection [CVE-2018-12477]medium🔒---
125134openSUSE Open Build Service obs-service-tar_scm input validationmedium🔒---
125133Apache Tika XML Parser reset xml external entity referencelow🔒---
125132LeviStudioU Project XML File xml external entity reference [CVE-2018-10614]medium🔒---
125131LeviStudioU Project File out-of-bounds write [CVE-2018-10610]medium🔒---
125130Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
125129Microsoft SQL Server Management Studio XML Content xml external entity referencemedium🔒--🔒
125128Microsoft Exchange Server MFC Library Loader untrusted search pathlow🔒--🔒
125127Microsoft SQL Server Management Studio XMLA File xml external entity referencemedium🔒--🔒
125126Microsoft Azure IoT Edge/Hub Device Client SDK for Azure IoT MQTT Object memory corruptionmedium🔒---
125125Microsoft Edge Security Feature 7pk security [CVE-2018-8530]medium🔒--🔒
125124Microsoft SQL Server Management Studio XEL File xml external entity referencemedium🔒--🔒
125123Microsoft Windows Codecs Library information disclosure [CVE-2018-8506]low🔒--🔒
125122Microsoft Windows TCP/IP information disclosure [CVE-2018-8493]low🔒---
125121Microsoft Windows DirectX information disclosure [CVE-2018-8486]medium🔒--🔒
125120Microsoft Windows Windows Media Player information disclosurelow🔒--🔒
125119Microsoft Windows Windows Media Player information disclosurelow🔒--🔒
125118Microsoft Windows GDI information disclosure [CVE-2018-8472]low🔒--🔒
125117Microsoft Windows Kernel information disclosure [CVE-2018-8330]low🔒--🔒
125116Microsoft Exchange Server access control [CVE-2018-8265]medium🔒--🔒
125115Microsoft Windows Theme API input validation [CVE-2018-8413]medium🔒--🔒
125114Microsoft Windows Windows Shell input validation [CVE-2018-8495]medium🔒--🔒
125113Microsoft Windows Kernel access control [CVE-2018-8497]medium🔒--🔒
125112Microsoft Windows Subsystem for Linux access control [CVE-2018-8329]medium🔒--🔒
125111Microsoft Windows Device Guard Code Integrity Policy 7pk securitymedium🔒--🔒
125110Microsoft Windows DNS Global Blocklist 7pk security [CVE-2018-8320]medium🔒--🔒
125109Microsoft Windows NTFS access control [CVE-2018-8411]medium🔒--🔒
125108Microsoft Windows Filter Manager access control [CVE-2018-8333]medium🔒--🔒
125107Microsoft SharePoint Enterprise Server access control [CVE-2018-8498]low🔒--🔒
125106Microsoft SharePoint Enterprise Server cross site scripting [CVE-2018-8488]low🔒--🔒
125105Microsoft SharePoint Enterprise Server access control [CVE-2018-8518]low🔒--🔒
125104Microsoft SharePoint Enterprise Server access control [CVE-2018-8480]low🔒--🔒
125103Microsoft Windows Graphics Component information disclosure [CVE-2018-8427]low🔒--🔒
125102Microsoft Office/Word Protected View data processing [CVE-2018-8504]medium🔒--🔒
125101Microsoft Windows Graphics Component memory corruption [CVE-2018-8432]medium🔒--🔒
125100Microsoft Office/PowerPoint Protected View data processing [CVE-2018-8501]medium🔒--🔒
125099Microsoft Office/Excel Protected View data processing [CVE-2018-8502]medium🔒--🔒
125098Microsoft Windows JET Database Engine input validation [CVE-2018-8423]medium🔒--🔒
125097Microsoft Windows DirectX Graphics access control [CVE-2018-8484]medium🔒--🔒
125096Microsoft Windows Win32k access control [CVE-2018-8453]medium🔒--🔒
125095Microsoft Exchange Server Outlook Web Access access control [CVE-2018-8448]medium🔒--🔒
125094Microsoft Edge Security Feature input validation [CVE-2018-8512]medium🔒--🔒
125093Microsoft Windows Hyper-V input validation [CVE-2018-8489]medium🔒--🔒
125092Microsoft Windows Hyper-V input validation [CVE-2018-8490]medium🔒--🔒
125091Microsoft Windows MS XML xml external entity reference [CVE-2018-8494]medium🔒--🔒
125090Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
125089Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
125088Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
125087Microsoft ChakraCore Scripting Engine memory corruption [CVE-2018-8500]medium🔒---
125086Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruptionmedium🔒--🔒
125085Microsoft Edge/ChakraCore memory corruption [CVE-2018-8473]medium🔒--🔒
125084Microsoft Edge memory corruption [CVE-2018-8509]medium🔒--🔒
125083Microsoft Internet Explorer memory corruption [CVE-2018-8460]medium🔒--🔒
125082Microsoft Internet Explorer memory corruption [CVE-2018-8491]medium🔒--🔒
125081Daimler Mercedes Me App Certificate Pinning information disclosuremedium🔒---
125080Daimler Mercedes Comand Navigation Route Calculation data processing [Disputed]medium🔒---
125079Auto-Maskin DCU 210E/RP-210E/Marine Pro Observer Embedded Web Server cryptographic issuesmedium🔒---
125078Auto-Maskin DCU 210E/RP-210E/Marine Pro Observer Android App information disclosuremedium🔒---
125077Auto-Maskin DCU-210E RP-210E Modbus Communication origin validationmedium🔒---
125076Auto-Maskin DCU 210E Dropbear SSH Server hard-coded credentialsmedium🔒---
125075Foxit PDF Reader Javascript Engine use after free [CVE-2018-3997]medium🔒--🔒
125074Foxit PDF Reader Javascript Engine use after free [CVE-2018-3996]medium🔒--🔒
125073Foxit PDF Reader Javascript Engine use after free [CVE-2018-3992]medium🔒--🔒
125072Foxit PDF Reader Javascript Engine use after free [CVE-2018-3945]medium🔒--🔒
125071Foxit PDF Reader Javascript Engine use after free [CVE-2018-3942]medium🔒--🔒
125070Foxit PDF Reader Javascript Engine use after free [CVE-2018-3941]medium🔒--🔒
125069Foxit PDF Reader Javascript Engine use after free [CVE-2018-3940]medium🔒--🔒
125068WPML Plugin process_forms theme-localization.php cross site scriptinglow🔒---
125067net-snmp snmp_api.c null pointer dereference [CVE-2018-18066]low🔒---
125066net-snmp table_container.c _set_key null pointer dereferencelow🔒--🔒
125065Cairo WebKitGTK+ cairo-rectangular-scan-converter.c _cairo_image_spans_and_zero memory corruptionmedium🔒---
125064Linux Kernel resource consumption [CVE-2018-17977]low🔒---
125063WECON Technology PI Studio HMI/PI Studio Object File Parser xml external entity referencemedium🔒---
125062Seqrite End Point Security access control [CVE-2018-17775]low🔒---
125061IBM Tivoli Key Lifecycle Manager Error Message information disclosurelow🔒---
125060IBM Security Key Lifecycle Manager Permission permission [CVE-2018-1750]medium🔒---
125059IBM Tivoli Key Lifecycle Manager Blacklist input validation [CVE-2018-1749]medium🔒---
125058D-Link Central WiFi Manager Stored cross site scripting [CVE-2018-17443]low🔒---
125057D-Link Central WiFi Manager File Upload unrestricted upload [CVE-2018-17442]medium🔒---
125056D-Link Central WiFi Manager Stored cross site scripting [CVE-2018-17441]low🔒---
125055D-Link Central WiFi Manager FTP Server unrestricted upload [CVE-2018-17440]medium🔒---
125054IBM Tivoli Key Lifecycle Manager information disclosure [CVE-2018-1743]low🔒---
125053IBM Tivoli Key Lifecycle Manager hard-coded credentials [CVE-2018-1742]medium🔒---
125052IBM Tivoli Key Lifecycle Manager input validation [CVE-2018-1741]medium🔒---
125051Telerik Extensions for ASP.NET MVC access control [CVE-2018-17060]medium🔒---
125050Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16297]medium🔒--🔒
125049Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16296]medium🔒--🔒
125048Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16295]medium🔒--🔒
125047Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16294]medium🔒--🔒
125046Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16293]medium🔒--🔒
125045Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16292]medium🔒--🔒
125044Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16291]medium🔒--🔒
125043Discuss Module Stored cross site scripting [CVE-2018-15903]low🔒---
125042WECON Technology PI Studio HMI/PI Studio memory corruption [CVE-2018-14818]medium🔒---
125041WECON Technology PI Studio HMI/PI Studio out-of-bounds writemedium🔒---
125040Linux Kernel show_opcodes Kernel Memory input validationlow🔒---
125039Rust Programming Language Standard Library repeat integer overflowmedium🔒--🔒
125038privacyIDEA check input validationlow🔒---
125037pyOpenSSL PKCS #12 Store denial of service [CVE-2018-1000808]low🔒--🔒
125036pyOpenSSL X.509 Object use after free [CVE-2018-1000807]medium🔒--🔒
125035Paramiko SSH Server access control [CVE-2018-1000805]medium🔒--🔒
125034Contiki-NG AQL Database Engine memory corruption [CVE-2018-1000804]medium🔒---
125033Gitea information disclosure [CVE-2018-1000803]low🔒---
125032F5 BIG-IP Traffic Management Microkernel input validation [CVE-2016-7475]medium🔒--🔒
125031Adobe Acrobat Reader access control [CVE-2018-15966]medium🔒--🔒
125030Adobe Acrobat Reader null pointer dereference [CVE-2018-15937]medium🔒--🔒
125029Adobe Acrobat Reader null pointer dereference [CVE-2018-15931]medium🔒--🔒
125028Adobe Acrobat Reader null pointer dereference [CVE-2018-15930]medium🔒--🔒
125027Adobe Acrobat Reader memory corruption [CVE-2018-15951]medium🔒--🔒
125026Adobe Acrobat Reader memory corruption [CVE-2018-12855]medium🔒--🔒
125025Adobe Acrobat Reader memory corruption [CVE-2018-12853]medium🔒--🔒
125024Adobe Acrobat Reader integer overflow [CVE-2018-12881]medium🔒--🔒
125023Adobe Acrobat Reader integer overflow [CVE-2018-12842]medium🔒--🔒
125022Adobe Acrobat Reader double free [CVE-2018-12841]medium🔒--🔒
125021Adobe Acrobat Reader memory corruption [CVE-2018-12838]medium🔒--🔒
125020Adobe Acrobat Reader type conversion [CVE-2018-12876]medium🔒--🔒
125019Adobe Acrobat Reader type conversion [CVE-2018-12858]medium🔒--🔒
125018Adobe Acrobat Reader type conversion [CVE-2018-12835]medium🔒--🔒
125017Adobe Acrobat Reader use after free [CVE-2018-15924]medium🔒--🔒
125016Adobe Acrobat Reader use after free [CVE-2018-15920]medium🔒--🔒
125015Adobe Acrobat Reader use after free [CVE-2018-12877]medium🔒--🔒
125014Adobe Acrobat Reader use after free [CVE-2018-12863]medium🔒--🔒
125013Adobe Acrobat Reader use after free [CVE-2018-12852]medium🔒--🔒
125012Adobe Acrobat Reader use after free [CVE-2018-12831]medium🔒--🔒
125011Adobe Acrobat Reader use after free [CVE-2018-12769]medium🔒--🔒
125010Adobe Acrobat Reader memory corruption [CVE-2018-12851]medium🔒--🔒
125009Adobe Acrobat Reader memory corruption [CVE-2018-12847]medium🔒--🔒
125008Adobe Acrobat Reader memory corruption [CVE-2018-12846]medium🔒--🔒
125007Adobe Acrobat Reader memory corruption [CVE-2018-12837]medium🔒--🔒
125006Adobe Acrobat Reader memory corruption [CVE-2018-12836]medium🔒--🔒
125005Adobe Acrobat Reader memory corruption [CVE-2018-12833]medium🔒--🔒
125004Adobe Acrobat Reader memory corruption [CVE-2018-12832]medium🔒--🔒
125003Adobe Acrobat Reader out-of-bounds read [CVE-2018-15956]medium🔒--🔒
125002Adobe Acrobat Reader out-of-bounds read [CVE-2018-15953]medium🔒--🔒
125001Adobe Acrobat Reader out-of-bounds read [CVE-2018-15950]medium🔒--🔒
125000Adobe Acrobat Reader out-of-bounds read [CVE-2018-15949]medium🔒---
124999Adobe Acrobat Reader out-of-bounds read [CVE-2018-15948]medium🔒--🔒
124998Adobe Acrobat Reader out-of-bounds read [CVE-2018-15947]medium🔒--🔒
124997Adobe Acrobat Reader out-of-bounds read [CVE-2018-15946]medium🔒--🔒
124996Adobe Acrobat Reader out-of-bounds read [CVE-2018-15943]medium🔒--🔒
124995Adobe Acrobat Reader out-of-bounds read [CVE-2018-15942]medium🔒--🔒
124994Adobe Acrobat Reader out-of-bounds read [CVE-2018-15932]medium🔒--🔒
124993Adobe Acrobat Reader out-of-bounds read [CVE-2018-15927]medium🔒--🔒
124992Adobe Acrobat Reader out-of-bounds read [CVE-2018-15926]medium🔒--🔒
124991Adobe Acrobat Reader out-of-bounds read [CVE-2018-15925]medium🔒--🔒
124990Adobe Acrobat Reader out-of-bounds read [CVE-2018-15923]medium🔒--🔒
124989Adobe Acrobat Reader out-of-bounds read [CVE-2018-15922]medium🔒--🔒
124988Adobe Acrobat Reader out-of-bounds read [CVE-2018-12880]medium🔒--🔒
124987Adobe Acrobat Reader out-of-bounds read [CVE-2018-12879]medium🔒--🔒
124986Adobe Acrobat Reader out-of-bounds read [CVE-2018-12878]medium🔒--🔒
124985Adobe Acrobat Reader out-of-bounds read [CVE-2018-12875]medium🔒--🔒
124984Adobe Acrobat Reader out-of-bounds read [CVE-2018-12874]medium🔒--🔒
124983Adobe Acrobat Reader out-of-bounds read [CVE-2018-12873]medium🔒--🔒
124982Adobe Acrobat Reader out-of-bounds read [CVE-2018-12872]medium🔒--🔒
124981Adobe Acrobat Reader out-of-bounds read [CVE-2018-12871]medium🔒--🔒
124980Adobe Acrobat Reader out-of-bounds read [CVE-2018-12870]medium🔒--🔒
124979Adobe Acrobat Reader out-of-bounds read [CVE-2018-12869]medium🔒--🔒
124978Adobe Acrobat Reader out-of-bounds read [CVE-2018-12867]medium🔒--🔒
124977Adobe Acrobat Reader out-of-bounds read [CVE-2018-12866]medium🔒--🔒
124976Adobe Acrobat Reader out-of-bounds read [CVE-2018-12859]medium🔒--🔒
124975Adobe Acrobat Reader out-of-bounds read [CVE-2018-12857]medium🔒--🔒
124974Adobe Acrobat Reader out-of-bounds read [CVE-2018-12856]medium🔒--🔒
124973Adobe Acrobat Reader out-of-bounds read [CVE-2018-12845]medium🔒--🔒
124972Adobe Acrobat Reader out-of-bounds read [CVE-2018-12844]medium🔒--🔒
124971Adobe Acrobat Reader out-of-bounds read [CVE-2018-12843]medium🔒--🔒
124970Adobe Acrobat Reader out-of-bounds read [CVE-2018-12839]medium🔒--🔒
124969Adobe Acrobat Reader out-of-bounds read [CVE-2018-12834]medium🔒--🔒
124968Adobe Acrobat Reader out-of-bounds read [CVE-2018-15968]medium🔒--🔒
124967Adobe Acrobat Reader out-of-bounds write [CVE-2018-15955]medium🔒--🔒
124966Adobe Acrobat Reader out-of-bounds write [CVE-2018-15954]medium🔒--🔒
124965Adobe Acrobat Reader out-of-bounds write [CVE-2018-15952]medium🔒--🔒
124964Adobe Acrobat Reader out-of-bounds write [CVE-2018-15945]medium🔒--🔒
124963Adobe Acrobat Reader out-of-bounds write [CVE-2018-15944]medium🔒--🔒
124962Adobe Acrobat Reader out-of-bounds write [CVE-2018-15941]medium🔒--🔒
124961Adobe Acrobat Reader out-of-bounds write [CVE-2018-15940]medium🔒--🔒
124960Adobe Acrobat Reader out-of-bounds write [CVE-2018-15939]medium🔒--🔒
124959Adobe Acrobat Reader out-of-bounds write [CVE-2018-12861]medium🔒--🔒
124958Adobe Acrobat Reader out-of-bounds write [CVE-2018-12860]medium🔒--🔒
124957Adobe Acrobat Reader out-of-bounds write [CVE-2018-12759]medium🔒--🔒
124956ImageMagick SVG Image File pict.c EncodeImage out-of-bounds readmedium🔒--🔒
124955ImageMagick BMP File bmp.c ReadBMPImage resource consumptionlow🔒--🔒
124954ImageMagick SVG Image File svg.c SVGStripString out-of-bounds readmedium🔒---
124953Linux Kernel KVM guest.c input validationmedium🔒--🔒
124952wp-slimstat Plugin HTTP Referer Header cross site scripting [CVE-2015-9273]low🔒---
124951eXtplorer index.php ext_find_user improper authenticationmedium🔒---
124950QPDF QPDFWriter.cc unparseChild input validationlow🔒---
124949Git Clone input validation [CVE-2018-17456]medium🔒--🔒
124948VMware Workspace ONE Unified Endpoint Management Console SAML Authentication improper authenticationmedium🔒--🔒
124947IBM Robotic Process Automation with Automation Anywhere Persistent cross site scriptinglow🔒---
124946ImageMagick pcx.c WritePCXImage resource managementlow🔒--🔒
124945razorCMS data cross-site request forgerylow🔒---
124944IBM Robotic Process Automation with Automation Anywhere Web UI cross site scriptinglow🔒---
124943IBM Spectrum Scale GPFS Command Line Utility access control [CVE-2018-1783]medium🔒---
124942IBM Spectrum Scale GPFS Command Line Utility information disclosuremedium🔒---
124941IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1686]low🔒---
124940IBM QRadar Incident Forensics path traversal [CVE-2018-1649]medium🔒---
124939IBM QRadar Incident Forensics resource management [CVE-2018-1647]low🔒---
124938Pivotal Container Service IaaS Credential Log credentials managementlow🔒---
124937Cisco WebEx Training Center Web-based Management Interface cross site scriptinglow🔒---
124936Cisco Unified IP Phone Web-based Management Interface cross site scriptinglow🔒---
124935Cisco Prime Infrastructure Server Backup information disclosurelow🔒---
124934Cisco Prime Infrastructure Server Backup information disclosurelow🔒---
124933Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124932Cisco Expressway/TelePresence Video Communication Server input validationmedium🔒---
124931Cisco HyperFlex HX Data Platform Web-based UI information disclosurelow🔒---
124930Cisco IOS XR Border Gateway Protocol input validation [CVE-2018-15428]low🔒---
124929Cisco Connected Safety/Security Unified Computing System Video Surveillance Manager hard-coded credentialshigh🔒---
124928Cisco Unity Connection Web-based Interface Stored cross site scriptinglow🔒---
124927Cisco Identity Services Engine Web-based Management Interface input validationmedium🔒---
124926Cisco Identity Services Engine Web-based Management Interface input validationmedium🔒---
124925Cisco HyperFlex Software Web UI input validation [CVE-2018-15423]medium🔒---
124924Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124923Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124922Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124921Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124920Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124919Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124918Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124917Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124916Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124915Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124914Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124913Cisco WebEx Network Recording Player ARF File memory corruptionmedium🔒---
124912Cisco WebEx Network Recording Player ARF File memory corruptionmedium🔒---
124911Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124910Cisco WebEx Network Recording Player ARF File input validationmedium🔒---
124909Cisco HyperFlex Software Installation information disclosurelow🔒---
124908Cisco UCS Director Web-based Management Interface Stored cross site scriptinglow🔒---
124907Cisco Integrated Management Controller Web Interface information disclosurelow🔒---
124906Cisco Integrated Management Controller Web Interface resource managementlow🔒---
124905Cisco Emergency Responder redirect [CVE-2018-15403]medium🔒---
124904Cisco Hosted Collaboration Mediation Fulfillment Web-based Management Interface cross-site request forgerylow🔒---
124903Cisco Cloud Services Platform 2100 Web-based Management Interface cross site scriptinglow🔒---
124902Cisco ASA/AMP/FirePOWER TCP Syslog Module resource consumptionlow🔒---
124901Cisco ASA/Firepower Threat Defense Per-User-Override access controlmedium🔒---
124900Cisco ASA/Firepower Threat Defense TFC over IPsec key managementlow🔒---
124899Cisco Unity Connection Bulk Administration Tool resource managementlow🔒---
124898Cisco Industrial Network Director DHCP Service resource managementlow🔒---
124897Cisco Remote PHY Software IPv4 Fragment resource management [CVE-2018-15391]medium🔒---
124896Cisco Firepower Threat Defense FTP Inspection Engine resource managementlow🔒--🔒
124895Cisco Prime Collaboration Provisioning Administrative Web Interface credentials managementmedium🔒---
124894Cisco SD-WAN Solution input validation [CVE-2018-15387]medium🔒---
124893Cisco Digital Network Architecture config [CVE-2018-15386]medium🔒---
124892Cicoandcico ASA/Firepower Threat Defense Cryptographic Hardware Accelerator Driver resource consumptionlow🔒--🔒
124891Cisco HyperFlex System Remote Code Execution [CVE-2018-15382]medium🔒---
124890Cisco Prime Infrastructure HTTP Web Server permission [CVE-2018-15379]medium🔒--🔒
124889Cisco IOS/IOS XE Network Plug/Play resource consumption [CVE-2018-15377]low🔒---
124888Cisco IOS Embedded Test Subsystem write-what-where conditionmedium🔒---
124887Cisco IOS Embedded Test Subsystem write-what-where conditionmedium🔒---
124886Cisco IOS XE Digital Signature Verification signature verificationmedium🔒---
124885Cisco IOS/IOS XE CDP resource management [CVE-2018-15373]low🔒---
124884Cisco IOS XE MACsec Key Agreement access control [CVE-2018-15372]medium🔒---
124883Cisco IOS XE Shell Access Request Mechanism access control [CVE-2018-15371]medium🔒---
124882Cisco Catalyst 6800 IOS ROM Monitor access control [CVE-2018-15370]medium🔒---
124881Cisco IOS/IOS XE TACACS+ Client Subsystem input validation [CVE-2018-15369]low🔒---
124880Cisco IOS XE CLI Parser input validation [CVE-2018-15368]medium🔒---
1248791Password App input validation [CVE-2018-13042]low🔒---
124878Cloud Foundry Log Cache log file [CVE-2018-1264]low🔒---
124877Apache PDFbox PDF File input validation [CVE-2018-11797]low🔒--🔒
124876Apache Ranger UnixAuthenticationService memory corruption [CVE-2018-11778]medium🔒---
124875Cloud Foundry BOSH UAA improper authorization [CVE-2018-11083]medium🔒---
124874Cloud Foundry UAA MFA Code credentials management [CVE-2018-11082]low🔒---
124873Pivotal Operations Manager Config credentials management [CVE-2018-11081]low🔒---
124872Dell EMC Unity OE/UnityVSA OE File Permission permission [CVE-2018-11064]medium🔒---
124871Cisco ISR G2/ISR4451-X data processing [CVE-2018-0485]low🔒---
124870Cisco IOS XE command injection [CVE-2018-0481]medium🔒--🔒
124869Cisco IOS XE VLAN race condition [CVE-2018-0480]low🔒--🔒
124868Cisco IOS XE CLI Parser command injection [CVE-2018-0477]medium🔒--🔒
124867Cisco IOS XE NAT SIP ALG resource management [CVE-2018-0476]medium🔒--🔒
124866Cisco IOS/IOS XE Cluster Feature input validation [CVE-2018-0475]low🔒--🔒
124865Cisco IOS PTP Subsystem resource management [CVE-2018-0473]low🔒--🔒
124864Cisco IOS XE/ASA 5500-X IPsec Driver input validation [CVE-2018-0472]medium🔒--🔒
124863Cisco IOS XE Cisco Discovery Protocol resource consumption [CVE-2018-0471]low🔒--🔒
124862Cisco IOS XE Web Framework resource management [CVE-2018-0470]medium🔒--🔒
124861Cisco IOS XE Web User Interface double free [CVE-2018-0469]low🔒--🔒
124860Cisco IOS/IOS XE IPv6 input validation [CVE-2018-0467]low🔒--🔒
124859Cisco IOS/IOS XE Open Shortest Path First Version 3 resource managementlow🔒--🔒
124858Cisco Small Business 300 Web-based Management Interface cross site scriptinglow🔒---
124857Cisco Data Center Network Manager Management Interface path traversalmedium🔒--🔒
124856Cisco Network Services Orchestrator Network Plug/Play access controlmedium🔒---
124855Cisco Enterprise NFV Infrastructure Software User Management input validationlow🔒---
124854Cisco Enterprise NFV Infrastructure Software REST API improper authorizationmedium🔒---
124853Cisco Enterprise NFV Infrastructure Software Web-based Management Interface improper authorizationlow🔒---
124852Cisco Prime Collaboration Assurance Web-based Management Interface cross site scriptinglow🔒---
124851Cisco WebEx Player resource management [CVE-2018-0457]low🔒---
124850Cisco Firepower System Software SMBv2/SMv3 data processing [CVE-2018-0455]low🔒---
124849Cisco Cloud Services Platform 2100 Web-based Management Interface command injectionmedium🔒---
124848Cisco Firepower Threat Defense Sourcefire Tunnel Control Channel Protocol access controlmedium🔒---
124847Cisco Tetration Analytics Web-based Management Interface cross site scriptinglow🔒---
124846Cisco Tetration Analytics Web-based Management Interface cross-site request forgerylow🔒---
124845Cisco Data Center Network Manager Web-based Management Interface cross site scriptinglow🔒---
124844Cisco Digital Network Architecture Center Identity Management inadequate encryptionmedium🔒---
124843Cisco Email Security Appliance Anti-Spam Protection Mechanism access controlmedium🔒---
124842Cisco Industrial Network Director Web-based Management Interface cross-site request forgerylow🔒---
124841Cisco Packaged Contact Center Enterprise Web-based Management Interface cross-site request forgerylow🔒---
124840Cisco Packaged Contact Center Enterprise Web-based Management Interface Stored cross site scriptinglow🔒---
124839Cisco Data Center Network Manager Web Interface access controlmedium🔒---
124838Cisco Meeting Server Web-based Management Interface cross-site request forgerylow🔒---
124837Cisco Umbrella Enterprise Roaming Client access control [CVE-2018-0438]medium🔒---
124836Cisco Umbrella Enterprise Roaming Client access control [CVE-2018-0437]medium🔒---
124835Cisco WebEx Teams access control [CVE-2018-0436]medium🔒---
124834Cisco Umbrella API improper authentication [CVE-2018-0435]medium🔒---
124833Cisco SD-WAN Solution Zero Touch Provisioning certificate validationlow🔒---
124832Cisco SD-WAN Solution CLI command injection [CVE-2018-0433]medium🔒---
124831Cisco SD-WAN Solution Error Reporting access control [CVE-2018-0432]medium🔒---
124830Cisco Integrated Management Controller Web-based Management Console command injectionmedium🔒---
124829Cisco Integrated Management Controller Web-based Management Console command injectionmedium🔒---
124828Cisco RV110W/RV130W/RV215W Web-based Management Interface path traversallow🔒---
124827Cisco RV110W/RV130W/RV215W Web-based Management Interface access controllow🔒---
124826Cisco RV110W/RV130W/RV215W Web-based Management Interface command injectionmedium🔒---
124825Cisco RV110W/RV130W/RV215W Web-based Management Interface memory corruptionmedium🔒---
124824Cisco Webex Meetings Client Folder Permission Stored permission assignmentmedium🔒---
124823Cisco Prime Access Registrar TCP Connection Management resource managementlow🔒---
124822Cisco Secure Access Control Server Web UI xml external entity referencelow🔒---
124821Cisco RV180W/RV220W Web Framework path traversal [CVE-2018-0405]medium🔒---
124820Cisco RV180W/RV220W Web Framework SQL sql injectionmedium🔒---
124819Cisco IOS/IOS XE VLAN Trunking Protocol input validation [CVE-2018-0197]low🔒---
124818videowhisper-video-presentation Plugin vw_upload.php code injectionmedium🔒---
124817wp-db-backup Plugin Access Control Brute Force information disclosurelow🔒---
124816Karo Gem command injection [CVE-2014-10075]medium🔒---
124815Ice Cold Apps Servers Ultimate Network Services improper authenticationmedium🔒---
124814NetApp E-Series SANtricity OS Controller Software input validationmedium🔒---
124813IBM Financial Transaction Manager for Digital Payments for Multi-Platform sql injectionmedium🔒---
124812GNU libiberty cp-demangle.c cplus_demangle_type resource consumptionlow🔒---
124811ISPConfig Regular Expression incorrect regex [CVE-2018-17984]medium🔒---
124810Mercurial Manifest Entry manifest.c out-of-bounds readmedium🔒--🔒
124809Carestream Vue RIS/RIS Client Error information disclosure [CVE-2018-17891]low🔒---
124808Coast CMS Stored cross site scripting [CVE-2018-17876]low🔒---
124807Verba Collaboration Compliance Permission permission [CVE-2018-17872]medium🔒---
124806Verba Collaboration Compliance Access Control access controlmedium🔒---
124805Navigate CMS navigate_upload.php Stored cross site scriptinglow🔒---
124804IBM Financial Transaction Manager Log File information disclosurelow🔒---
124803PHP Scripts Mall Open Source Real-Estate Script img Directory path traversallow🔒---
124802PHP Scripts Mall Website Seller Script Keyword cross site scriptinglow🔒---
124801PHP Scripts Mall Market Place Script Keyword cross site scriptinglow🔒---
124800PHP Scripts Mall Domain Lookup Script Search Bar cross site scriptinglow🔒---
124799PHP Scripts Mall Olx Clone cross site scripting [CVE-2018-16326]low🔒---
124798IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1604]low🔒---
124797IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1603]low🔒---
124796IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1602]low🔒---
124795MediaWiki Web Access .htaccess information disclosuremedium🔒---
124794SuSE Linux SMT Sibling Server improper authentication [CVE-2018-12472]medium🔒--🔒
124793SuSE Linux SMT Blocking Element xml external entity referencemedium🔒--🔒
124792SuSE Linux SMT RegistrationSharing sql injection [CVE-2018-12470]medium🔒--🔒
124791Apache Tomcat URL redirect [CVE-2018-11784]medium🔒--🔒
124790MediaWiki BotPasswords access control [CVE-2018-0505]medium🔒--🔒
124789MediaWiki logid log filelow🔒--🔒
124788MediaWiki access control [CVE-2018-0503]medium🔒--🔒
124787Apache Pony Mail Statistics Generator information disclosurelow🔒---
124786VideoWhisper videowhisper-video-conference-integration Plugin vw_upload.php unrestricted uploadmedium🔒---
124785McAfee Threat Intelligence Exchange SSH Host Key Generation cryptographic issuesmedium🔒---
124784McAfee Data Loss Prevention Endpoint improper authenticationmedium🔒---
124783HP Printer/MFP cross-site request forgery [CVE-2018-5921]low🔒---
124782Foxit PDF Reader Javascript Engine use after free [CVE-2018-3995]medium🔒--🔒
124781Foxit PDF Reader Javascript Engine use after free [CVE-2018-3994]medium🔒--🔒
124780Foxit PDF Reader Javascript Engine use after free [CVE-2018-3993]medium🔒--🔒
124779Foxit PDF Reader Javascript Engine use after free [CVE-2018-3967]medium🔒--🔒
124778Foxit PDF Reader Javascript Engine use after free [CVE-2018-3966]medium🔒--🔒
124777Foxit PDF Reader Javascript Engine use after free [CVE-2018-3965]medium🔒--🔒
124776Foxit PDF Reader Javascript Engine use after free [CVE-2018-3964]medium🔒--🔒
124775Foxit PDF Reader Javascript Engine use after free [CVE-2018-3946]medium🔒--🔒
124774tcpreplay en10mb.c dlt_en10mb_encode memory corruptionmedium🔒--🔒
<
IDTitleVulDBCVSSSecuniaXForceNessus
124773Linux Kernel base.c proc_pid_stack access controllow🔒--🔒
124772Samsung SCX-6545X SNMP Service credentials management [CVE-2018-17969]low🔒---
124771ImageMagick bgr.c ReadBGRImage resource managementlow🔒---
124770ImageMagick pdb.c WritePDBImage resource managementlow🔒--🔒
124769ImageMagick sgi.c WriteSGIImage resource managementlow🔒--🔒
124768Snazzy Maps Plugin cross site scripting [CVE-2018-17947]low🔒---
124767Tribulant Slideshow Gallery Plugin cross site scripting [CVE-2018-17946]low🔒---
124766Gnulib vasnprintf.c convert_to_decimal memory corruptionmedium🔒--🔒
124765IBM WebSphere Application Server Oauth cross site scripting [CVE-2018-1794]low🔒---
124764Synacor Zimbra Collaboration input validation [CVE-2018-17938]medium🔒---
124763IBM WebSphere Application Server SAML cross site scripting [CVE-2018-1793]low🔒---
124762D-Link DIR-823G GoAhead Configuration HNAP1 password recoverymedium🔒---
124761D-Link DIR-823G GoAhead Configuration HNAP1 input validationlow🔒---
124760Multi-Tech FaxFinder sql injection [CVE-2018-17562]medium🔒---
124759Naviwebs Navigate CMS File Upload navigate_upload.php unrestricted uploadmedium🔒---
124758Naviwebs Navigate CMS login.php sql injectionmedium🔒---
124757strongSwan gmp Plugin memory corruption [CVE-2018-17540]medium🔒--🔒
124756OPAC EasyWeb Five sql injection [CVE-2018-17428]medium🔒---
124755Zahir Accounting Enterprise Plus CSV File memory corruption [CVE-2018-17408]medium🔒---
124754Progress Sitefinity CMS Identity Server cross site scriptinglow🔒---
124753Progress Sitefinity CMS Identity Server cross site scriptinglow🔒---
124752GitLab Community Edition/Enterprise Edition information disclosurelow🔒---
124751GitLab Community Edition/Enterprise Edition Merge Request Changes View Persistent cross site scriptinglow🔒---
124750GitLab Community Edition/Enterprise Edition Sidekiq Log log filelow🔒---
124749GitLab Community Edition/Enterprise Edition API Repository Storage improper authorizationmedium🔒---
124748Delta Electronics ISPSoft out-of-bounds read [CVE-2018-14800]medium🔒---
124747OPC Foundation UA Client Application certificate validation [CVE-2018-12087]medium🔒---
124746HP Notebook BIOS Password credentials managementlow🔒---
124745Google Android inode.c sdcardfs_mkdir access controlmedium🔒---
124744Google Android file.c sdcardfs_open use after freemedium🔒---
124743Google Android fork.c copy_process double freemedium🔒---
124742Google Android XfrmController.cpp ipSecSetEncapSocketOwner 7pk securitylow🔒---
124741Google Android smp_act.cc smp_proc_enc_info information disclosuremedium🔒---
124740Google Android smp_act.cc smp_proc_master_id information disclosuremedium🔒---
124739Google Android Bluetooth smp_act.cc smp_process_keypress_notification out-of-bounds readmedium🔒---
124738Google Android bta_av_act.cc bta_av_proc_meta_cmd out-of-bounds readmedium🔒---
124737Google Android avrc_api.cc avrc_msg_cback out-of-bounds readmedium🔒---
124736Google Android mca_cact.cc mca_ccb_hdl_req out-of-bounds readmedium🔒---
124735Google Android sdp_discovery.cc sdp_copy_raw_data out-of-bounds writemedium🔒---
124734Google Android rfc_ts_frames.cc rfc_process_mx_message out-of-bounds readmedium🔒---
124733Google Android Bluetooth Service rfc_ts_frames.cc rfc_process_mx_message out-of-bounds readmedium🔒---
124732Google Android Factory Reset Protection access control [CVE-2018-9501]medium🔒---
124731Google Android iCrypto.cpp readVector information disclosurelow🔒---
124730Google Android SkSampler.cpp Fill out-of-bounds writemedium🔒---
124729Google Android impeg2_format_conv.s impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 out-of-bounds writemedium🔒---
124728Google Android ixheaacd_esbr_fft.c ixheaacd_real_synth_fft_p3 out-of-bounds writemedium🔒---
124727Google Android Download Manager sql injection [CVE-2018-9493]medium🔒---
124726Google Android ActivityManagerService.java checkGrantUriPermissionLocked permissionmedium🔒---
124725Google Android NdkMediaCodec.cpp AMediaCodecCryptoInfo_new integer overflowmedium🔒---
124724Google Android elements.cc CollectValuesOrEntriesImpl type conversionmedium🔒---
124723Google Android Bluetooth Service avrc_pars_tg.cc avrc_pars_browsing_cmd use after freemedium🔒---
124722Google Android ihevcd_parse_headers.c ihevcd_parse_sei_payload integer overflowmedium🔒---
124721Google Android Layout.java getOffsetForHorizontal input validationlow🔒---
124720Lenovo IdeaPad BIOS Flash Device Lock race condition [CVE-2018-9069]medium🔒---
124719NVIDIA GeForce Experience GameStream information disclosure [CVE-2018-6262]low🔒---
124718NVIDIA GeForce Experience GameStream permission [CVE-2018-6261]medium🔒---
124717Foxit PDF Reader Javascript Engine use after free [CVE-2018-3962]medium🔒--🔒
124716Foxit PDF Reader Javascript Engine use after free [CVE-2018-3961]medium🔒--🔒
124715Foxit PDF Reader Javascript Engine use after free [CVE-2018-3960]medium🔒--🔒
124714Foxit PDF Reader Javascript Engine use after free [CVE-2018-3959]medium🔒--🔒
124713Foxit PDF Reader Javascript Engine use after free [CVE-2018-3958]medium🔒--🔒
124712Foxit PDF Reader Javascript Engine use after free [CVE-2018-3957]medium🔒--🔒
124711Foxit PDF Reader Javascript Engine use after free [CVE-2018-3944]medium🔒--🔒
124710Foxit PDF Reader Javascript Engine use after free [CVE-2018-3943]medium🔒--🔒
124709JEESNS Incomplete Fix cross site scripting [CVE-2018-17886]low🔒---
124708Gwolle Guestbook gb-dashboard-widget.php cross site scriptinglow🔒---
124707D-Link DIR-823G GoAhead Configuration HNAP1 command injectionmedium🔒---
124706D-Link DIR-823G ExportSettings.sh access controlmedium🔒---
124705Zoho ManageEngine AssetExplorer AssetDef.do Stored cross site scriptinglow🔒---
124704Fork CMS Backend ajax Stored cross site scriptinglow🔒---
124703AirTies Air 5443v2 top.html cross site scriptinglow🔒---
124702AirTies Air 5453 top.html cross site scriptinglow🔒---
124701AirTies Air 5343v2 top.html cross site scriptinglow🔒---
124700AirTies Air 5442 top.html cross site scriptinglow🔒---
124699AirTies Air 5650 top.html cross site scriptinglow🔒---
124698AirTies Air 5021 top.html cross site scriptinglow🔒---
124697AirTies Air 5750 top.html cross site scriptinglow🔒---
124696Django Password Hash credentials management [CVE-2018-16984]low🔒--🔒
124695IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1692]low🔒---
124694IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1691]low🔒---
124693IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1605]low🔒---
124692IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1601]low🔒---
124691IBM Multi-Cloud Data Encryption inadequate encryption [CVE-2018-1593]medium🔒---
124690MensaMax DES hard-coded credentials [CVE-2018-15753]medium🔒---
124689MensaMax information disclosure [CVE-2018-15752]medium🔒---
124688IBM Rational Collaborative Lifecycle Management Web UI cross site scriptinglow🔒---
124687IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1557]low🔒---
124686Intelliants Subrion CMS cross site scripting [CVE-2018-15563]low🔒---
124685IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1522]low🔒---
124684IBM Security Guardium EcoSystem Certificate Validation certificate validationmedium🔒---
124683IBM Security Guardium EcoSystem Credential Storage credentials managementlow🔒---
124682Entes EMG12 Web Interface input validation [CVE-2018-14826]medium🔒---
124681Entes EMG12 Web Interface information disclosure [CVE-2018-14822]low🔒---
124680IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1440]low🔒---
124679IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1439]low🔒---
124678IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1405]low🔒---
124677IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1404]low🔒---
124676IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1403]low🔒---
124675IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1395]low🔒---
124674openSUSE Open Build Service obs-service-tar_scm path traversalmedium🔒---
124673Puppet cisco_ios SSH Session Credentials credentials managementlow🔒---
124672Puppet cisco_ios SSH Connection input validation [CVE-2018-11750]medium🔒---
124671Puppet device_manager Configuration File Credentials credentials managementlow🔒---
124670Dell Digital Delivery DLL injection [CVE-2018-11072]medium🔒---
124669GE Communicator Gigasoft memory corruption [CVE-2017-7908]medium🔒---
124668IBM Rational Quality Manager Web UI cross site scripting [CVE-2017-1649]low🔒---
124667Atlantis Word Processor Office Open XML Parser memory corruptionmedium🔒---
124666Atlantis Word Processor Office Open XML Parser double free [CVE-2018-4000]medium🔒---
124665Atlantis Word Processor JPEG Parser memory corruption [CVE-2018-3999]medium🔒---
124664Atlantis Word Processor Windows Enhanced Metafile Parse memory corruptionmedium🔒---
124663Atlantis Word Processor Word Document Parser memory corruptionmedium🔒---
124662Atlantis Word Processor Word Document Parser out-of-bounds writemedium🔒---
124661Atlantis Word Processor Word Document Parser memory corruptionmedium🔒---
124660Atlantis Word Processor Word Document Parser out-of-bounds writemedium🔒---
124659Atlantis Word Processor RTF Parser out-of-bounds write [CVE-2018-3975]medium🔒---
124658ExpressionEngine Reflected cross site scripting [CVE-2018-17874]low🔒---
124657Btiteam XBTIT account_change.php redirectmedium🔒---
124656Dasan H660GW cross-site request forgery [CVE-2018-17869]low🔒---
124655Dasan H660GW Port Forwarding Stored cross site scriptinglow🔒---
124654Dasan H660GW Port Forwarding adv_nat_virsvr.asp command injectionmedium🔒---
124653IBM WebSphere Portal improper authentication [CVE-2018-1672]medium🔒---
124652TP-LINK TL-WRN841N Web Interface cross-site request forgery [CVE-2018-15702]low🔒---
124651TP-LINK TL-WRN841N Web Interface input validation [CVE-2018-15701]low🔒---
124650TP-LINK TL-WRN841N Web Interface input validation [CVE-2018-15700]low🔒---
124649Emerson AMS Device Manager access control [CVE-2018-14808]medium🔒---
124648Emerson AMS Device Manager Script code injection [CVE-2018-14804]medium🔒---
124647Fuji FRENIC LOADER Comment memory corruption [CVE-2018-14802]medium🔒---
124646Fuji FRENIC LOADER FNC File out-of-bounds read [CVE-2018-14798]low🔒---
124645Fuji Alpha5 Smart Loader Project File memory corruption [CVE-2018-14794]medium🔒---
124644Fuji FRENIC LOADER memory corruption [CVE-2018-14790]medium🔒---
124643Fuji Alpha5 Smart Loader File Parser memory corruption [CVE-2018-14788]medium🔒---
124642IBM WebSphere Portal Access Control access control [CVE-2018-1420]medium🔒---
124641Martem TELEM GW6-GWM RTU access control [CVE-2018-10605]medium🔒---
124640the-holiday-calendar Plugin cross site scripting [CVE-2015-9270]low🔒---
124639wordpress-mobile-pack Plugin JSON content.php information disclosurelow🔒---
124638SIMDComp Incomplete Fix out-of-bounds read [CVE-2018-17854]medium🔒---
124637WUZHI CMS card.php sql injectionmedium🔒---
124636JsonCpp json_reader.cpp readValue denial of servicelow🔒---
124635JsonCpp json_value.cpp clear denial of servicelow🔒---
124634Google Go html Package data processing [CVE-2018-17848]low🔒---
124633Google Go html Package input validation [CVE-2018-17847]low🔒---
124632Google Go html Package resource management [CVE-2018-17846]low🔒---
124631JTBC(PHP) path traversal [CVE-2018-17838]low🔒---
124630JTBC(PHP) input validation [CVE-2018-17837]medium🔒---
124629JTBC(PHP) input validation [CVE-2018-17836]medium🔒---
124628GetSimple CMS settings.php Stored cross site scriptinglow🔒---
124627WUZHI CMS index.php cross site scriptinglow🔒---
124626Redaxo list.php prepareQuery sql injectionmedium🔒---
124625Redaxo index.php cross site scriptinglow🔒---
124624ZZIPlib unzzipcat-mem.c unzzip_cat path traversalmedium🔒--🔒
124623HisiPHP AdminPlugins.php code injectionmedium🔒---
124622HisiPHP adduser.html cross-site request forgerylow🔒---
124621AdPlug emuopl.cpp CEmuopl double freelow🔒--🔒
124620SIMDComp out-of-bounds read [CVE-2018-17427]medium🔒---
124619Nullsoft Scriptable Install System Protection Mechanism Version.dll input validationlow🔒--🔒
124618Nullsoft Scriptable Install System Temp Folder access controllow🔒--🔒
124617zzcms ztconfig.php access controlmedium🔒---
124616zzcms zssave.php path traversalmedium🔒---
124615MRCMS WebParam.java getChannel sql injectionmedium🔒---
124614LibTIFF tiff2pdf.c t2p_write_pdf memory corruptionmedium🔒--🔒
124613GNU libiberty cplus-dem.c null pointer dereferencelow🔒---
124612Virtualenv Sandbox 7pk security [CVE-2018-17793]medium🔒---
124611Blynk blynk-server path traversal [CVE-2018-17785]medium🔒---
124610PTC ThingWorx Platform SQUEAL Search Reflected cross site scriptinglow🔒---
124609PTC ThingWorx Platform hard-coded credentials [CVE-2018-17217]medium🔒---
124608PTC ThingWorx Platform Password Hash information disclosure [CVE-2018-17216]low🔒---
124607Foxit PhantomPDF/Reader information disclosure [CVE-2018-17781]low🔒--🔒
124606Telegram Desktop/App P2P Connection IP Address information disclosurelow🔒---
124605Iomega/Lenovo/LenovoEMC NAS Password Change Session Token session fixiationmedium🔒---
124604Iomega/Lenovo/LenovoEMC NAS Self cross site scripting [CVE-2018-9081]low🔒---
124603Iomega/Lenovo/LenovoEMC NAS Cookie improper authentication [CVE-2018-9080]medium🔒---
124602Iomega/Lenovo/LenovoEMC NAS JavaScript DOM-Based argument injectionlow🔒---
124601Iomega/Lenovo/LenovoEMC NAS Content Explorer 7pk security [CVE-2018-9078]medium🔒---
124600Iomega/Lenovo/LenovoEMC NAS Share Name command injection [CVE-2018-9077]medium🔒---
124599Iomega/Lenovo/LenovoEMC NAS Share Name command injection [CVE-2018-9076]medium🔒---
124598Iomega/Lenovo/LenovoEMC NAS PersonalCloud Setup command injectionmedium🔒---
124597Iomega/Lenovo/LenovoEMC NAS Content Explorer path traversal [CVE-2018-9074]medium🔒---
124596FreeBSD IPv6 Protocol Control Block Flag null pointer dereferencelow🔒---
124595TP-LINK EAP Controller RMI Service missing authentication [CVE-2018-5393]medium🔒---
124594PCProtect Anti-Virus access control [CVE-2018-17776]low🔒---
124593FreeBSD Userland Kernel Memory information disclosuremedium🔒---
124592FreeBSD System Call freebsd4_getfsstat null pointer dereferencelow🔒---
124591IBM Platform Symphony/Spectrum Symphony redirect [CVE-2018-1704]low🔒---
124590IBM Platform Symphony/Spectrum Symphony XML Data xml external entity referencemedium🔒---
124589Dell EMC ESRS Policy Manager JMX Service config [CVE-2018-15764]medium🔒---
124588Trend Micro Deep Discovery Inspector Reflected cross site scriptinglow🔒---
124587389 Directory Server Search Query do_search resource managementlow🔒--🔒
124586Dell EMC Unity/UnityVSA redirect [CVE-2018-1251]medium🔒---
124585Dell EMC Unity/UnityVSA Unisphere improper authorization [CVE-2018-1250]medium🔒---
124584Dell EMC Unity/UnityVSA Unisphere Reflected cross site scriptinglow🔒---
124583Dell EMC RSA Authentication Manager Security Console Page Reflected cross site scriptinglow🔒--🔒
124582Dell EMC RSA Authentication Manager MadCap Flare Help File DOM-Based cross site scriptinglow🔒--🔒
124581Dell EMC RSA Authentication Manager Operations Console Stored cross site scriptinglow🔒--🔒
124580Telegram Desktop Proxy credentials management [CVE-2018-17613]medium🔒---
124579Foxit PhantomPDF/Reader use after free [CVE-2018-17611]medium🔒---
124578Foxit PhantomPDF/Reader use after free [CVE-2018-17610]medium🔒---
124577Foxit PhantomPDF/Reader use after free [CVE-2018-17609]medium🔒---
124576Foxit PhantomPDF/Reader use after free [CVE-2018-17608]medium🔒---
124575Foxit PhantomPDF/Reader use after free [CVE-2018-17607]medium🔒---
124574Asset Pipeline Plugin path traversal [CVE-2018-17605]medium🔒---
124573tcpreplay send_packets.c get_next_packet memory corruptionmedium🔒--🔒
124572Exiv2 crwimage_int.cpp readDirectory resource consumptionlow🔒---
124571tcpreplay send_packets.c fast_edit_packet memory corruptionmedium🔒--🔒
124570SWA SWA.JACAD sql injection [CVE-2018-17575]medium🔒---
124569YMFE YApi Project Stored cross site scriptinglow🔒---
124568Wp-Insert Plugin browser.html unrestricted uploadmedium🔒---
124567Vanilla Profile cross site scripting [CVE-2018-17571]low🔒---
124566HPE enhanced Internet Usage Manager input validation [CVE-2018-7109]medium🔒---
124565HPE StorageWorks XP7 Automation Director improper authenticationmedium🔒---
124564HPE Device Entitlement Gateway sql injection [CVE-2018-7107]medium🔒---
124563HPE iLO 4/iLO 5 information disclosure [CVE-2018-7106]low🔒---
124562HPE iLO 4/iLO 5 7pk security [CVE-2018-7105]medium🔒---
124561HPE Intelligent Management Center input validation [CVE-2018-7104]medium🔒---
124560HPE Intelligent Management Center input validation [CVE-2018-7103]medium🔒---
124559HPE Intelligent Management Center PLAT createFabricAutoCfgFile path traversalmedium🔒---
124558HPE iLO 4/iLO 5 input validation [CVE-2018-7101]low🔒---
124557IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1820]low🔒---
124556Jekyll _config.yml link followingmedium🔒---
124555AlphaIndex Dictionaries sql injection [CVE-2018-17397]medium🔒---
124554Timetable Schedule sql injection [CVE-2018-17394]medium🔒---
124553Super CMS Blog Pro authors_post.php sql injectionmedium🔒---
124552Social Factory sql injection [CVE-2018-17385]medium🔒---
124551Swap Factory sql injection [CVE-2018-17384]medium🔒---
124550Collection Factory sql injection [CVE-2018-17383]medium🔒---
124549Jobs Factory sql injection [CVE-2018-17382]medium🔒---
124548Article Factory Manager sql injection [CVE-2018-17380]medium🔒---
124547Raffle Factory sql injection [CVE-2018-17379]medium🔒---
124546Penny Auction Factory sql injection [CVE-2018-17378]medium🔒---
124545Questions sql injection [CVE-2018-17377]medium🔒---
124544Reverse Auction Factory sql injection [CVE-2018-17376]medium🔒---
124543Music Collection sql injection [CVE-2018-17375]medium🔒---
124542IBM WebSphere Portal redirect [CVE-2018-1736]medium🔒---
124541IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1716]low🔒--🔒
124540Progress Sitefinity CMS ServiceStack cross site scripting [CVE-2018-17056]low🔒---
124539Progress Sitefinity CMS Image Upload unrestricted upload [CVE-2018-17055]medium🔒---
124538Rausoft ID.prove Login Page sql injection [CVE-2018-16659]medium🔒---
124537IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1660]low🔒--🔒
124536Open Ticket Request System Email input validation [CVE-2018-16587]low🔒--🔒
124535Open Ticket Request System Email External input validationmedium🔒--🔒
124534XWiki Image Import cross site scripting [CVE-2018-16277]low🔒---
124533Avaya Aura Communication Manager Local System Administration access controlmedium🔒---
124532CMS ISWEB downloadFile.php path traversalmedium🔒---
124531CMS ISWEB sql injection [CVE-2018-14956]medium🔒---
124530Delta Electronics Delta Industrial Automation PMSoft out-of-bounds readmedium🔒---
124529sos-collector Permission tmp permissionlow🔒--🔒
124528Progress Kendo UI Editor WYSIWYG Editor kendo.all.min.js toEditableHtml Reflected cross site scriptinglow🔒---
124527Philips e-Alert Unit hard-coded credentials [CVE-2018-8856]medium🔒---
124526Philips e-Alert Unit resource consumption [CVE-2018-8854]low🔒---
124525Philips e-Alert Unit Session Identifier session fixiation [CVE-2018-8852]medium🔒---
124524Philips e-Alert Unit input validation [CVE-2018-8850]medium🔒---
124523Philips e-Alert Unit permission [CVE-2018-8848]medium🔒---
124522Philips e-Alert Unit cross site scripting [CVE-2018-8846]medium🔒---
124521Philips e-Alert Unit cross-site request forgery [CVE-2018-8844]medium🔒---
124520Philips e-Alert Unit information disclosure [CVE-2018-8842]medium🔒---
124519Huawei Toronto-TL10 information disclosure [CVE-2018-7907]low🔒---
124518ZTE MF65/MF65M1 Reflected cross site scripting [CVE-2018-7355]low🔒---
124517Lithium Epee Library Deserialization deserialization [CVE-2018-3972]medium🔒---
124516IBM Tivoli Storage Manager inadequate encryption [CVE-2018-1785]low🔒---
124515IBM Spectrum Protect Plus Instrumentation Log File log file [CVE-2018-1768]low🔒---
124514ViaBTC Exchange Server ut_ws_svr.c integer overflowmedium🔒---
124513ViaBTC Exchange Server nw_buf.c integer overflowmedium🔒---
124512ViaBTC Exchange Server ut_rpc.c integer overflowmedium🔒---
124511Quest ThinkPHP sql injection [CVE-2018-17566]medium🔒---
124510MODX Revolution Create New Media Source Stored cross site scriptinglow🔒---
124509Arris TG2492LG-NA 061213 snmpGet information disclosurelow🔒---
124508AXON Evidence Sync Process injection [CVE-2018-17538]medium🔒---
124507iWay Data Quality Suite Web Console xml external entity referencemedium🔒---
124506Horus CMS busca sql injectionmedium🔒---
124505SeaCMS input validation [CVE-2018-17365]medium🔒---
124504Ricoh MP C6003 Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124503Ricoh MP C2003 Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124502Ricoh Aficio MP 305+ Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124501Ricoh MP C307 Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124500Ricoh Aficio MP 301 Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124499Ricoh MP C6503 Plus Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124498Ricoh MP C1803 JPN Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124497Ricoh MP C406Z Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124496AssoCIateD Postman X.509 Certificate Validation certificate validationlow🔒---
124495LINE e108 cross-site request forgery [CVE-2018-17081]low🔒---
124494Citrix ShareFile StorageZones Controller Error Message information disclosurelow🔒---
124493Citrix ShareFile StorageZones Controller path traversal [CVE-2018-16968]medium🔒---
124492IBM WebSphere Application Server Liberty ORB Communication information disclosuremedium🔒---
124491IObit Advanced SystemCare Monitor_win10_x64.sys memory corruptionmedium🔒---
124490IObit Advanced SystemCare Monitor_win10_x64.sys Memory information disclosurelow🔒---
124489IObit Advanced SystemCare Monitor_win10_x64.sys memory corruptionmedium🔒---
124488Circontrol CirCarLife JSON setup.json information disclosurelow🔒---
124487SuSE Linux Enterprise shadow Package useradd.c access controllow🔒--🔒
124486Zoho ManageEngine Applications Manager SMB Share deserializationmedium🔒---
124485Exponent strongSwan IKEv2 Authentication gmp_rsa_public_key.c verify_emsa_pkcs1_signature signature verificationmedium🔒--🔒
124484Exponent strongSwan IKEv2 Authentication gmp_rsa_public_key.c verify_emsa_pkcs1_signature signature verificationmedium🔒--🔒
124483IBM Rational Doors Next Generation Web UI cross site scriptinglow🔒---
124482pfSense status_interfaces.php dhcp_relinquish_lease command injectionmedium🔒--🔒
124481Exponent Openswan IKEv2 Signature Bleichenbacher signature verificationmedium🔒---
124480SalesAgility SuiteCRM Error Message cross site scripting [CVE-2018-15606]low🔒---
124479Quest JavaMelody PayloadNameRequestWrapper.java parseSoapMethodName xml external entity referencemedium🔒---
124478IBM Spectrum Protect access control [CVE-2018-1550]low🔒---
124477IBM Tivoli Storage Manager inadequate encryption [CVE-2018-1545]medium🔒---
124476Fuji Electric V-Server memory corruption [CVE-2018-14823]medium🔒---
124475Fuji Electric V-Server out-of-bounds read [CVE-2018-14819]medium🔒---
124474Fuji Electric V-Server integer underflow [CVE-2018-14817]medium🔒---
124473Fuji Electric V-Server out-of-bounds write [CVE-2018-14815]medium🔒---
124472Fuji Electric V-Server memory corruption [CVE-2018-14813]medium🔒---
124471Fuji Electric V-Server null pointer dereference [CVE-2018-14811]medium🔒---
124470Fuji Electric V-Server use after free [CVE-2018-14809]medium🔒---
124469Philips e-Alert Unit HTTP Response Header Banner information disclosurelow🔒---
124468Alcatel EE EE40VB 4G OSPREY3_MINI Modem ServiceManager.exe access controllow🔒---
124467WECON LeviStudio Project File memory corruption [CVE-2018-10606]medium🔒---
124466WECON LeviStudio Project File memory corruption [CVE-2018-10602]medium🔒---
124465Inedo ProGet Advanced Settings cross-site request forgery [CVE-2017-15608]low🔒---
124464Google Chrome Omnibox input validation [CVE-2018-6119]medium🔒--🔒
124463Google Chrome Catalog Service input validation [CVE-2018-6055]medium🔒--🔒
124462IBM DataPower Gateway XML Data xml external entity referencemedium🔒---
124461IBM DataPower Gateway Appliance AMP Management Interface Credentials 7pk securitylow🔒---
124460IBM Rational Engineering Lifecycle Manager Web UI cross site scriptinglow🔒---
124459IBM Rational Engineering Lifecycle Manager XML Data xml external entity referencemedium🔒---
124458IBM Rational Engineering Lifecycle Manager XML Data xml external entity referencemedium🔒---
124457IBM Rational Engineering Lifecycle Manager Web UI cross site scriptinglow🔒---
124456IBM Rational Engineering Lifecycle Manager improper authenticationmedium🔒---
124455Linux Kernel create_elf_tables integer overflowlow🔒--🔒
124454Adobe Acrobat Reader out-of-bounds read [CVE-2018-12850]low🔒--🔒
124453Adobe Acrobat Reader out-of-bounds read [CVE-2018-12849]low🔒--🔒
124452Adobe Acrobat Reader out-of-bounds write [CVE-2018-12848]medium🔒--🔒
124451Adobe Acrobat Reader out-of-bounds read [CVE-2018-12840]low🔒--🔒
124450Adobe Acrobat Reader out-of-bounds read [CVE-2018-12801]low🔒--🔒
124449Adobe Acrobat Reader out-of-bounds read [CVE-2018-12778]low🔒--🔒
124448Adobe Acrobat Reader out-of-bounds read [CVE-2018-12775]low🔒--🔒
124447Apache HTTP Server SETTINGS Frame input validation [CVE-2018-11763]low🔒--🔒
124446McAfee True Key Microsoft Windows Client untrusted search pathlow🔒---
124445McAfee True Key cross site scripting [CVE-2018-6682]low🔒---
124444HDF5 H5S.c H5S_extent_get_dims memory corruptionmedium🔒---
124443HDF5 H5Dselect.c H5D__select_io divide by zerolow🔒---
124442HDF5 H5Odtype.c H5O_dtype_decode_helper resource managementlow🔒---
124441HDF5 decompress.c ReadCode out-of-bounds writelow🔒---
124440HDF5 H5Oattr.c H5O_attr_decode memory corruptionmedium🔒---
124439HDF5 h5repack_filters.c apply_filters divide by zerolow🔒---
124438HDF5 gifread.c ReadGifImageDesc memory corruptionmedium🔒---
124437HDF5 H5Osdspace.c H5O_sdspace_encode null pointer dereferencelow🔒---
124436Asterisk PBX res_http_websocket.so resource managementlow🔒--🔒
124435Tgstation tgstation-server Login Cache credentials managementmedium🔒---
124434Localize My Post Plugin include.php path traversalmedium🔒---
124433Wechat Broadcast Plugin Image.php path traversalmedium🔒---
124432Avaya Management System Supervisor information disclosure [CVE-2018-15615]low🔒---
124431Honeywell EDA51 Application access control [CVE-2018-14825]medium🔒---
124430Python Elementtree C Accelerator Collision resource managementlow🔒--🔒
124429Linux Kernel ISCSI Target Code chap_server_compute_md5 memory corruptionmedium🔒--🔒
124428Samsung Galaxy S8 IPCP Header input validation [CVE-2018-14318]medium🔒---
124427Druide Antidote access control [CVE-2018-13140]medium🔒---
124426CryptoSaga random RNG weak prngmedium🔒---
124425Samsung Members Intent access control [CVE-2018-11614]medium🔒---
124424Samsung GALAXY Apps Staging Mode access control [CVE-2018-10502]low🔒---
124423Samsung Notes ZIP File access control [CVE-2018-10501]low🔒---
124422Samsung GALAXY Apps Push Message access control [CVE-2018-10500]medium🔒---
124421Samsung GALAXY Apps URL input validation [CVE-2018-10499]low🔒---
124420Samsung Email file:// information disclosure [CVE-2018-10498]low🔒---
124419Samsung Email EML File access control [CVE-2018-10497]low🔒---
124418Samsung Internet Browser input validation [CVE-2018-10496]medium🔒---
124417RXTEC RXAdmin sql injection [CVE-2015-8298]medium🔒---
124416TeX Live Type 1 Font writet1.c memory corruptionmedium🔒--🔒
124415SBIbuddy information disclosure [CVE-2018-17404]medium🔒---
124414PhonePe Wallet com.PhonePe.app credentials managementmedium🔒---
124413PhonePe Wallet com.PhonePe.app information disclosurelow🔒---
124412PhonePe Wallet Forgot Password com.PhonePe.app password recoverymedium🔒---
124411PhonePe Wallet com.PhonePe.app credentials managementmedium🔒---
124410springboot_authority Stored cross site scripting [CVE-2018-17369]low🔒---
124409PublicCMS Username credentials management [CVE-2018-17368]low🔒---
124408MCMS save.do cross-site request forgerylow🔒---
124407OTCMS code injection [CVE-2018-17364]medium🔒---
124406WeaselCMS index.php cross site scriptinglow🔒---
124405GNU binutils BFD Library libbfd.c bfd_getl32 memory corruptionmedium🔒---
124404GNU binutils BFD Library opncls.c bfd_zalloc memory corruptionlow🔒---
124403GNU binutils BFD Library syms.c _bfd_stab_section_find_nearest_line memory corruptionlow🔒---
124402BigTree CMS Rewrite Routing launch.php improper authenticationmedium🔒---
124401pdfalto XmlAltoOutputDev.cc dump memory corruptionmedium🔒---
124400udisks udiskslogging.c udisks_log format stringmedium🔒--🔒
124399libsvg2 svg_string.c svgGetNextPathField memory corruptionmedium🔒---
124398libsvg2 svg_types.c svgStringToLength memory corruptionmedium🔒---
124397libsvg2 svg_string.c svgGetNextPathField resource managementlow🔒---
124396Subsonic Media Server podcastReceiverAdmin.view Stored cross site scriptinglow🔒---
124395Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124394Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124393Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124392Samsung SmartThings Hub Video-Core HTTP Server memory corruptionmedium🔒---
124391Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server clips memory corruptionmedium🔒---
124390Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124389Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124388Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124387Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruptionmedium🔒---
124386YUNUCMS index cross site scriptinglow🔒---
124385SeaCMS admin_datarelate.php cross site scriptinglow🔒---
124384UCMS aaddpost.php Stored cross site scriptinglow🔒---
124383FruityWifi PatataWifi command injectionmedium🔒---
124382xtimor NMEA Library parser.c nmea_parse memory corruptionmedium🔒---
124381LG SuperSign CMS getThumbnail code injectionmedium🔒---
124380HylaFAX/HylaFAX+ Dial-In Session CopyQuality.c++ writeECMData input validationmedium🔒--🔒
124379PolyAI mintToken integer overflowmedium🔒---
124378LimeSurvey Stored cross site scripting [CVE-2018-17003]low🔒---
124377Ricoh MP 2001 adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124376Ricoh Printer Wizard adrsSetUserWizard.cgi Stored cross site scriptinglow🔒---
124375Zoho ManageEngine SupportCenter Plus ServiceContractDef.do Stored cross site scriptinglow🔒---
124374Zoho ManageEngine Desktop Central Features / Articles cross site scriptinglow🔒---
124373SeaCMS admin_video.php sql injectionmedium🔒---
124372SeaCMS admin_template.php Directory unrestricted uploadlow🔒---
124371Microsoft Exchange Server Outlook Web Access logon.aspx server-side request forgerymedium🔒---
124370DeDeCMS feedback_ajax.php cross site scriptinglow🔒---
124369DeDeCMS xml injection [CVE-2018-16784]medium🔒---
124368Linux Kernel overlayfs Mount access control [CVE-2018-16597]medium🔒--🔒
124367DIESER Profields - Project Custom Fields Access Control access controlmedium🔒---
124366Avaya Aura Orchestration Designer Runtime Config cross site scriptinglow🔒---
124365Avaya Aura Orchestration Designer Runtime Config cross-site request forgerylow🔒---
124364Vectra Cognito Brain/Cognito Sensor Management Console access controlmedium🔒---
124363Vectra Cognito Brain/Cognito Sensor Web Management Console cross site scriptinglow🔒---
124362Vectra Cognito Brain/Cognito Sensor CouchDB input validationmedium🔒---
124361webpack-dev-server WebSocket Server Server.js input validationmedium🔒---
124360Parcel parcel-bundler WebSocket Server HMRServer.js Message information disclosurelow🔒---
124359Browserify-HMR WebSocket Server information disclosure [CVE-2018-14730]medium🔒---
124358SubSonic tagService.setTags.dwr Stored cross site scriptinglow🔒---
124357SubSonic General Settings Stored cross site scriptinglow🔒---
124356SubSonic Transcoding Setting Stored cross site scriptinglow🔒---
124355SubSonic internetRadioSettings.view Stored cross site scriptinglow🔒---
124354Wanscam HW0021 ONVIF Service input validation [CVE-2018-13111]low🔒---
124353Substratum mintToken integer overflowmedium🔒---
124352Intel Core Processor Platform Sample Code Firmware improper authenticationmedium🔒---
124351Wallabag Configuration Page Stored cross site scriptinglow🔒---
124350SoftCase T-Router crontab File access controllow🔒---
124349SoftCase T-Router Protocol permission [CVE-2018-11240]medium🔒---
124348gitolite Setup File information disclosurelow🔒--🔒
124347gitolite .gitolite.rc access controlmedium🔒---
124346Apache Mesos String Comparison validation information disclosurelow🔒---
124345EspoCRM Draft Message wysiwyg.js Stored cross site scriptinglow🔒---
124344EspoCRM Search Panel name-field.tpl Reflected cross site scriptinglow🔒---
124343CuppaCMS cu_menus Stored cross site scriptinglow🔒---
124342Enalean Tuleap Password Reset password recovery [CVE-2018-17298]medium🔒---
124341Hutool ZipUtil.java unzip path traversalmedium🔒---
124340Liblouis lou_translateString.c matchCurrentInput out-of-bounds readlow🔒--🔒
124339WAVM wavm.cpp run null pointer dereferencemedium🔒---
124338WAVM CLI.h loadModule out-of-bounds readlow🔒---
124337Zoho ManageEngine OpManager oputilsServlet sql injectionmedium🔒---
124336IBM DB2 access control [CVE-2018-1711]medium🔒---
124335IBM DB2 db2licm memory corruption [CVE-2018-1710]medium🔒---
124334IBM DB2 db2cacpy information disclosure [CVE-2018-1685]low🔒---
124333HAProxy HPACK Decoder hpack_valid_idx out-of-bounds readlow🔒--🔒
124332Foreman smart_proxy_dynflow improper authentication [CVE-2018-14643]medium🔒--🔒
124331ArcSight Management Center 7pk security [CVE-2018-6505]low🔒---
124330ArcSight Management Center cross-site request forgery [CVE-2018-6504]low🔒---
124329ArcSight Management Center Access Control access control [CVE-2018-6503]medium🔒---
124328ArcSight Management Center Reflected cross site scripting [CVE-2018-6502]low🔒---
124327ArcSight Management Center Access Control access control [CVE-2018-6501]medium🔒---
124326ArcSight Management Center path traversal [CVE-2018-6500]medium🔒---
124325Qualcomm Snapdragon Automobile MAC Address Randomizer cryptographic issueslow🔒---
124324Qualcomm Snapdragon Automobile MAC Address Randomizer RNG cryptographic issueslow🔒---
124323Samsung SmartThings Hub STH-ETH-250 WifiScan memory corruptionmedium🔒---
124322Samsung SmartThings Hub STH-ETH-250 WifiScan memory corruptionmedium🔒---
124321IBM Sterling B2B Integrator Standard Edition Installation information disclosurelow🔒---
124320Exiv2 value.cpp copy null pointer dereferencelow🔒---
124319Navigate CMS navigate.php Reflected cross site scriptinglow🔒---
124318JCK Editor links.php sql injectionmedium🔒---
124317Zoho ManageEngine OpManager Global Search sql injection [CVE-2018-17243]medium🔒---
124316HDF5 H5Dchunk.c H5D__chunk_set_info_real divide by zerolow🔒---
124315libmp4v2 mp4property.cpp MP4Free use after freemedium🔒---
124314libmp4v2 MP4 File mp4track.cpp FinishSdtp out-of-bounds readmedium🔒---
124313HDF5 H5Ocache.c H5O__chunk_deserialize resource managementlow🔒---
124312HDF5 HDF File H5Dchunk.c H5D__create_chunk_file_map_hyper divide by zerolow🔒---
124311docmarionum1 Slack ArchiveBot archivebot.py cursor.execute sql injectionmedium🔒---
124310Link-Net LW-N605R Ping systools.asp input validationmedium🔒---
124309IBM Business Process Manager Back-End Database sql injectionmedium🔒---
124308Moxa EDR-810 net_WebCADELETEGetValue os command injectionmedium🔒---
124307Ubisoft Uplay Desktop Client URI upc.exe input validationmedium🔒---
124306Rockwell RSLinx Classic Service Port 44818 memory corruptionmedium🔒---
124305Rockwell RSLinx Classic Service Port 44818 resource consumptionlow🔒---
124304Rockwell RSLinx Classic Service Port 44818 memory corruptionlow🔒---
124303Tec4Data SmartCooler missing authentication [CVE-2018-14796]low🔒---
124302CWJoomla CW Article Attachments PRO Extension download.php sql injectionmedium🔒---
124301Qualcomm Snapdragon Mobile/Snapdragon Wear ASN.1 double freemedium🔒---
124300Qualcomm Snapdragon Automobile WLANWMI Command memory corruptionmedium🔒---
124299Qualcomm Snapdragon Automobile Random Number Generator cryptographic issueslow🔒---
124298Qualcomm Snapdragon Automobile MAC Address Random cryptographic issuesmedium🔒---
124297Qualcomm Snapdragon Automobile Video input validation [CVE-2018-11287]medium🔒---
124296Qualcomm Snapdragon Automobile FLAC File out-of-bounds read [CVE-2018-11285]medium🔒---
124295Qualcomm Snapdragon Automobile Access Control access controlmedium🔒---
124294Qualcomm Snapdragon Automobile TFTP Option Parser array indexmedium🔒---
124293Qualcomm Snapdragon Automobile TFTP Option Parser array indexmedium🔒---
124292Qualcomm Snapdragon Automobile Deviceprogrammer/Firehose array indexmedium🔒---
124291Qualcomm Snapdragon Automobile TZ Cold Boot access control [CVE-2017-18314]high🔒---
124290Qualcomm Snapdragon Automobile/Snapdragon Mobile HLOS Client Kernel Memory race conditionmedium🔒---
124289Qualcomm Snapdragon Automobile ICE Regulator null pointer dereferencelow🔒---
124288Qualcomm Snapdragon Automobile SPI-I2C Interface access controllow🔒---
124287BlackBerry Enterprise Mobility Server path traversal [CVE-2018-8889]low🔒---
124286Apache Tika IptcAnpaParser resource management [CVE-2018-8017]low🔒---
124285Google Android DIAG Service memory corruption [CVE-2018-5905]medium🔒---
124284Elasticsearch Alerting/Monitoring API Credentials information disclosurelow🔒--🔒
124283Kibana Source Field Formatter cross site scripting [CVE-2018-3830]low🔒--🔒
124282Elastic Cloud Enterprise Roles Token access control [CVE-2018-3829]medium🔒---
124281Elastic Cloud Enterprise Log Credentials log filelow🔒---
124280Elasticsearch repository-azure Plugin Log Credentials credentials managementlow🔒--🔒
124279Elasticsearch Snapshot API information disclosure [CVE-2018-3826]medium🔒--🔒
124278Elastic Cloud Enterprise Master Encryption Key cryptographic issuesmedium🔒---
124277X-Pack Machine Learning ML Job cross site scripting [CVE-2018-3824]low🔒--🔒
124276X-Pack Machine Learning Jobs cross site scripting [CVE-2018-3823]low🔒--🔒
124275Google Android Linux Kernel input validation [CVE-2018-3574]medium🔒---
124274Google Android Linux Kernel memory corruption [CVE-2018-3573]medium🔒---
124273IBM Spectrum Scale GPFS File System 7pk security [CVE-2018-1782]medium🔒---
124272Telegram Desktop Search input validation [CVE-2018-17231] [Disputed]low🔒---
124271Exiv2 types.cpp ul2Data memory corruptionmedium🔒---
124270Exiv2 types.cpp d2Data memory corruptionmedium🔒---
124269nmap4j command injection [CVE-2018-17228]medium🔒---
124268Linksys Velop Web Interface zbtest.cgi command injectionlow🔒---
124267Snap Creek Duplicator installer.php code injectionmedium🔒---
124266Open vSwitch ofp-actions.c decode_bundle out-of-bounds readmedium🔒--🔒
124265Open vSwitch ofproto.c ofproto_rule_insert__ input validationlow🔒--🔒
124264Open vSwitch ofp-util.c input validation [CVE-2018-17204]medium🔒--🔒
124263Artifex Ghostscript Error input validation [CVE-2018-17183]medium🔒---
124262Linux Kernel vmacache.c vmacache_flush_all use after freemedium🔒--🔒
124261Bitcoin Core/Bitcoin Knots Duplicate Input input validation [CVE-2018-17144]low🔒--🔒
124260DeDeCMS Script File XML xml injectionmedium🔒---
124259Open-AudIT Professional Orgs Page cross site scripting [CVE-2018-16607]low🔒---
124258WECON PLC Editor memory corruption [CVE-2018-14792]medium🔒---
124257Symantec Messaging Gateway XML Parser xml external entity referencemedium🔒--🔒
124256Symantec Messaging Gateway improper authentication [CVE-2018-12242]medium🔒--🔒
124255Google Android Callback null pointer dereference [CVE-2018-11904]low🔒---
124254Google Android WLAN Host out-of-bounds write [CVE-2018-11903]medium🔒---
124253Google Android WLAN Host array index [CVE-2018-11902]medium🔒---
124252Google Android bss Request out-of-bounds read [CVE-2018-11898]medium🔒---
124251Google Android Diag Event out-of-bounds read [CVE-2018-11897]medium🔒---
124250Google Android WLAN memory corruption [CVE-2018-11895]medium🔒---
124249Google Android Network Offload Scan integer overflow [CVE-2018-11894]medium🔒---
124248Google Android Scan Request memory corruption [CVE-2018-11893]medium🔒---
124247Google Android WLAN Host array index [CVE-2018-11891]medium🔒---
124246Google Android rssi memory corruption [CVE-2018-11889]medium🔒---
124245Google Android MPDU Data Length integer overflow [CVE-2018-11886]medium🔒---
124244Google Android WLAN array index [CVE-2018-11883]medium🔒---
124243Google Android WLAN memory corruption [CVE-2018-11878]medium🔒---
124242Apache Tika evil.bat" path traversallow🔒---
124241Apache Tika XML Parser Entity Expansion xml external entity referencelow🔒---
124240NUUO NVRMini2 moses 7pk securitymedium🔒--🔒
124239NUUO NVRMini2 cgi_system memory corruption [CVE-2018-1149]medium🔒--🔒
124238Foscam C1 Indoor HD Camera UPnP Implementation memory corruptionmedium🔒---
124237Foscam C1 Indoor HD Camera Web Management Interface memory corruptionmedium🔒---
124236Foscam C1 Indoor HD Camera Multi-Camera Interface access controlmedium🔒---
124235Foscam C1 Indoor HD Camera Multi-Camera Interface memory corruptionmedium🔒---
124234Foscam C1 Indoor HD Camera Multi-Camera Interface memory corruptionmedium🔒---
124233Foscam C1 Indoor HD Camera Web Management Interface command injectionmedium🔒---
124232Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2855]high🔒---
124231IBM Tivoli Monitoring access control [CVE-2017-1794]medium🔒---
124230Huawei Mate 10 Factory Reset Protection 7pk security [CVE-2018-7991]medium🔒---
124229Huawei Mate RS Lock Screen access control [CVE-2018-7929]medium🔒---
124228ENSLTP access control [CVE-2018-6693]low🔒---
124227McAfee Application/Change Control Microsoft Windows Client access controlmedium🔒---
124226Neato Botvac Connected Drive Command webserver improper authorizationmedium🔒---
124225Neato Botvac Connected/Botvac 85 Black Box Log rc4_crypt RC4 inadequate encryptionmedium🔒---
124224Neato Botvac Connected Manual Control Mode webserver improper authenticationmedium🔒---
124223Marshmallow Library 7pk security [CVE-2018-17175]low🔒--🔒
124222Western Digital My Cloud improper authentication [CVE-2018-17153]medium🔒---
124221Coinlancer Access Control access control [CVE-2018-17111]medium🔒---
124220Lucky9io weak prng [CVE-2018-17071]low🔒---
124219Monstra CMS index.php Listing path traversallow🔒---
124218Monstra CMS index.php path traversallow🔒---
124217Microsoft Windows Active Directory Federation Services ls server-side request forgerymedium🔒---
124216Circontrol CirCarLife device-id information disclosurelow🔒---
124215Circontrol CirCarLife PLC Status devstat.html improper authenticationlow🔒---
124214Circontrol CirCarLife/PowerStudio Open Charge Point Protocol config.xml Credentials credentials managementlow🔒---
124213Circontrol CirCarLife repository information disclosuremedium🔒---
124212Matrix Synapse Signature Validation access control [CVE-2018-16515]medium🔒--🔒
124211QBee MultiSensor Camera Reuse improper authentication [CVE-2018-16225]medium🔒---
124210AccuSoft PrizmDoc PDF File Stored cross site scriptinglow🔒---
124209Undertow write information disclosurelow🔒---
124208Linux Kernel ip_fragment.c ip_frag_reasm input validationmedium🔒--🔒
124207Smarty isTrustedResourceDir path traversalmedium🔒---
124206Atlassian FishEye/Crucible cross-site request forgery [CVE-2018-13398]low🔒---
124205Google Android WMA memory corruption [CVE-2018-11869]medium🔒---
124204Google Android nan Response Event memory corruption [CVE-2018-11868]medium🔒---
124203Google Android WMA Roam Synchronization memory corruption [CVE-2018-11863]medium🔒---
124202Google Android ndp Event memory corruption [CVE-2018-11860]medium🔒---
124201Google Android WMA API out-of-bounds write [CVE-2018-11852]medium🔒---
124200Google Android Linux Kernel out-of-bounds write [CVE-2018-11851]medium🔒---
124199Google Android WMA Response use after free [CVE-2018-11843]medium🔒---
124198Google Android WLAN Driver Free memory corruptionlow🔒---
124197Google Android WLAN Driver double free [CVE-2018-11840]low🔒---
124196Google Android WLAN memory corruption [CVE-2018-11836]medium🔒---
124195Google Android Size Validation input validation [CVE-2018-11832]medium🔒---
124194Google Android WMA Roam Synchronization array index [CVE-2018-11827]medium🔒---
124193Google Android WLAN ext scan memory corruption [CVE-2018-11826]medium🔒---
124192Google Android LUT Config use after free [CVE-2018-11818]medium🔒---
124191Apache Karaf WebConsole improper authentication [CVE-2018-11787]medium🔒---
124190Apache Karaf sshd access control [CVE-2018-11786]medium🔒---
124189Google Android WLAN input validation [CVE-2018-11302]medium🔒---
124188Google Android Debug Log Event integer underflow [CVE-2018-11301]medium🔒---
124187Google Android Thread use after free [CVE-2018-11300]medium🔒---
124186Google Android WLAN FW array index [CVE-2018-11299]medium🔒---
124185Google Android memory corruption [CVE-2018-11298]medium🔒---
124184Google Android WMA NDP Event Handler Function out-of-bounds readmedium🔒---
124183Google Android WLAN out-of-bounds write [CVE-2018-11296]medium🔒---
124182Google Android WMA out-of-bounds write [CVE-2018-11295]medium🔒---
124181Google Android WLAN input validation [CVE-2018-11294]medium🔒---
124180Google Android out-of-bounds read [CVE-2018-11293]medium🔒---
124179Google Android Multi-Threading use after free [CVE-2018-11286]medium🔒---
124178Google Android Header Checker use after free [CVE-2018-11281]medium🔒---
124177Google Android NAT Entry Input input validation [CVE-2018-11280]low🔒---
124176Google Android Linux Kernel out-of-bounds read [CVE-2018-11278]low🔒---
124175Google Android Linux Kernel double free [CVE-2018-11276]medium🔒---
124174Google Android FastbootLib information disclosure [CVE-2018-11275]low🔒---
124173Google Android Linux Kernel memory corruption [CVE-2018-11274]medium🔒---
124172Google Android Linux Kernel double free [CVE-2018-11273]medium🔒---
124171Google Android Linux Kernel probe double freelow🔒---
124170Google Android Linux Kernel memcpy memory corruptionmedium🔒---
124169Cloud Foundry Garden-runC File Attribute access control [CVE-2018-11084]medium🔒---
124168Dell EMC Isilon OneFS/EMC IsilonSD Edge Process input validationlow🔒---
124167Python Software Foundation CPython shutil Module command injectionmedium🔒--🔒
124166Open-Xchange Webmail Time Tag cross site scripting [CVE-2017-6913]low🔒---
124165McAfee Application/Change Control CLI command injection [CVE-2017-3912]medium🔒---
124164Google Android Flash out-of-bounds read [CVE-2017-15844]medium🔒---
124163Google Android Keystore LK integer overflow [CVE-2017-15828]medium🔒---
124162Google Android gpt Update out-of-bounds read [CVE-2017-15825]medium🔒---
124161Google Android qseecom integer overflow [CVE-2017-15818]medium🔒---
124160Oracle WebCenter Interaction Username information disclosurelow🔒---
124159Oracle WebCenter Interaction Portal Session Cookie httponly 7pk securitymedium🔒---
124158Oracle WebCenter Interaction Search Service queryd.exe hard-coded credentialsmedium🔒---
124157Oracle WebCenter Interaction AjaxControl input validation [CVE-2018-16956]low🔒---
124156Oracle WebCenter Interaction login Reflected cross site scriptinglow🔒---
124155Oracle WebCenter Interaction login redirectmedium🔒---
124154Oracle WebCenter Interaction portalpages.dll DisplayResponse Reflected cross site scriptinglow🔒---
124153Oracle WebCenter Interaction cross-site request forgery [CVE-2018-16952]low🔒---
124152Apache Camel Mail Path path traversal [CVE-2018-8041]medium🔒---
124151HTML Package parse.go inBodyIM input validationlow🔒---
124150HTML Package parse.go parseCurrentToken input validationlow🔒---
124149Moodle Boost Theme Reflected cross site scriptinglow🔒--🔒
124148Moodle Drag/Drop code injection [CVE-2018-14630]medium🔒--🔒
124147PoDoFo ParseToUnicode information disclosurelow🔒--🔒
124146Cloud Foundry Container Runtime Application Log Credentials credentials managementlow🔒---
124145Pivotal Cloud Cache BOSH Deployment Log Password log filelow🔒---
124144Apache SpamAssassin Meta Rule Syntax code injection [CVE-2018-11781]low🔒--🔒
124143Apache SpamAssassin PDFInfo Plugin code injection [CVE-2018-11780]medium🔒--🔒
124142Pivotal Application Service Applications Manager credentials managementmedium🔒---
124141Pivotal Application Service Usage Service credentials managementmedium🔒---
124140Foscam C1 Indoor HD Camera Service Port 10001 information disclosurelow🔒---
124139Foscam C1 Indoor HD Camera Recovery Procedure access controlmedium🔒---
124138Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2857]medium🔒---
124137Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2856]medium🔒---
124136Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2854]medium🔒---
124135Iceni Argus ipStringCreate integer overflowmedium🔒---
124134Apache SpamAssassin Scan Engine Parser input validationlow🔒--🔒
124133Insteon Hub HTTP Server information disclosure [CVE-2017-14443]low🔒---
124132ProcessMaker Enterprise Core Deserialization deserializationmedium🔒---
124131Quizlord Plugin admin.php Stored cross site scriptinglow🔒---
124130UltimatePOS products unrestricted uploadmedium🔒---
124129Jibu Pro Plugin quiz_action.php Stored cross site scriptinglow🔒---
124128Prezi Next HTML5 7pk security [CVE-2018-17137]medium🔒---
124127zzcms HTTP Header check.php sql injectionmedium🔒---
124126PHPMyWind web_config.php code injectionmedium🔒---
124125PHPMyWind web_config.php code injectionmedium🔒---
124124PHPMyWind goods_update.php code injectionmedium🔒---
124123PHPMyWind web_config.php code injectionmedium🔒---
124122PHPMyWind member.php cross site scriptinglow🔒---
124121MetInfo feedback_admin.class.php doexport sql injectionlow🔒--