Tools 2018

IDTitleNessusOpenVASSnortSuricataTippingPoint
163696Apple watchOS Messages authentication spoofing [CVE-2018-4391]
163695Apple macOS Messages authentication spoofing [CVE-2018-4391]
163694Apple watchOS Messages authentication spoofing [CVE-2018-4390]
163693Apple macOS Messages authentication spoofing [CVE-2018-4390]
143480Lenovo ThinkPad BIOS injection [CVE-2018-9062]
132961SalesAgility SuiteCRM cross site scripting [CVE-2018-20816]
129942Adobe Acrobat Reader out-of-bounds read [CVE-2018-19722]
129941Adobe Acrobat Reader out-of-bounds read [CVE-2018-19719]🔒
129937Adobe Acrobat Reader out-of-bounds read [CVE-2018-15997]🔒
129936Adobe Acrobat Reader out-of-bounds read [CVE-2018-15989]🔒
129935Adobe Acrobat Reader integer overflow [CVE-2018-15986]🔒
129934Adobe Flash Player DLL untrusted search path [CVE-2018-15983]🔒
129933Adobe Flash Player use after free [CVE-2018-15982]🔒
129932Adobe Acrobat Reader information disclosure [CVE-2018-16042]🔒
129931Adobe Acrobat Reader integer overflow [CVE-2018-15995]🔒
129930Adobe Acrobat Reader integer overflow [CVE-2018-16007]🔒
129929Adobe Acrobat Reader integer overflow [CVE-2018-16009]🔒
129928Adobe Acrobat Reader out-of-bounds read [CVE-2018-19728]🔒
129927Adobe Acrobat Reader out-of-bounds read [CVE-2018-15984]🔒
129926Adobe Acrobat Reader out-of-bounds read [CVE-2018-15985]🔒
129925Adobe Acrobat Reader out-of-bounds read [CVE-2018-15996]🔒
129924Adobe Acrobat Reader out-of-bounds read [CVE-2018-16001]🔒
129923Adobe Acrobat Reader out-of-bounds read [CVE-2018-16002]🔒
129922Adobe Acrobat Reader out-of-bounds read [CVE-2018-16005]🔒
129921Adobe Acrobat Reader out-of-bounds read [CVE-2018-16006]🔒
129920Adobe Acrobat Reader out-of-bounds read [CVE-2018-16010]🔒
129919Adobe Acrobat Reader out-of-bounds read [CVE-2018-16012]🔒
129918Adobe Acrobat Reader out-of-bounds read [CVE-2018-16013]🔒
129917Adobe Acrobat Reader out-of-bounds read [CVE-2018-16015]🔒
129916Adobe Acrobat Reader out-of-bounds read [CVE-2018-16017]🔒
129915Adobe Acrobat Reader out-of-bounds read [CVE-2018-16019]🔒
129914Adobe Acrobat Reader out-of-bounds read [CVE-2018-16020]🔒
129913Adobe Acrobat Reader out-of-bounds read [CVE-2018-16022]🔒
129912Adobe Acrobat Reader out-of-bounds read [CVE-2018-16023]🔒
129911Adobe Acrobat Reader out-of-bounds read [CVE-2018-16024]🔒
129910Adobe Acrobat Reader out-of-bounds read [CVE-2018-16028]🔒
129909Adobe Acrobat Reader out-of-bounds read [CVE-2018-16030]🔒
129908Adobe Acrobat Reader out-of-bounds read [CVE-2018-16031]🔒
129907Adobe Acrobat Reader out-of-bounds read [CVE-2018-16032]🔒
129906Adobe Acrobat Reader out-of-bounds read [CVE-2018-16033]🔒
129905Adobe Acrobat Reader out-of-bounds read [CVE-2018-16034]🔒
129904Adobe Acrobat Reader out-of-bounds read [CVE-2018-16035]🔒
129903Adobe Acrobat Reader out-of-bounds read [CVE-2018-16038]🔒
129902Adobe Acrobat Reader out-of-bounds read [CVE-2018-16041]🔒
129901Adobe Acrobat Reader out-of-bounds read [CVE-2018-16043]🔒
129900Adobe Acrobat Reader out-of-bounds read [CVE-2018-16047]🔒
129899Adobe Acrobat Reader out-of-bounds read [CVE-2018-19699]🔒
129898Adobe Acrobat Reader out-of-bounds read [CVE-2018-19701]🔒
129897Adobe Acrobat Reader out-of-bounds read [CVE-2018-19703]🔒
129896Adobe Acrobat Reader out-of-bounds read [CVE-2018-19704]🔒
129895Adobe Acrobat Reader out-of-bounds read [CVE-2018-19705]🔒
129894Adobe Acrobat Reader out-of-bounds read [CVE-2018-19706]🔒
129893Adobe Acrobat Reader out-of-bounds read [CVE-2018-19709]🔒
129892Adobe Acrobat Reader out-of-bounds read [CVE-2018-19710]🔒
129891Adobe Acrobat Reader out-of-bounds read [CVE-2018-19711]🔒
129890Adobe Acrobat Reader out-of-bounds read [CVE-2018-19712]🔒
129889Adobe Acrobat Reader out-of-bounds read [CVE-2018-19714]🔒
129888Adobe Acrobat Reader out-of-bounds read [CVE-2018-19717]🔒
129887Adobe Acrobat Reader memory corruption [CVE-2018-12830]🔒
129886Adobe Acrobat Reader memory corruption [CVE-2018-16021]🔒
129885Adobe Acrobat Reader memory corruption [CVE-2018-19716]🔒
129884Adobe Acrobat Reader out-of-bounds write [CVE-2018-15988]🔒
129883Adobe Acrobat Reader out-of-bounds write [CVE-2018-15999]🔒
129882Adobe Acrobat Reader out-of-bounds write [CVE-2018-16000]🔒
129881Adobe Acrobat Reader out-of-bounds write [CVE-2018-16016]🔒
129880Adobe Acrobat Reader out-of-bounds write [CVE-2018-19702]🔒
129879Adobe Acrobat Reader use after free [CVE-2018-15990]🔒
129878Adobe Acrobat Reader use after free [CVE-2018-15991]🔒
129877Adobe Acrobat Reader use after free [CVE-2018-15992]🔒
129876Adobe Acrobat Reader use after free [CVE-2018-15993]🔒
129875Adobe Acrobat Reader use after free [CVE-2018-15994]🔒
129874Adobe Acrobat Reader use after free [CVE-2018-16003]🔒
129873Adobe Acrobat Reader use after free [CVE-2018-16008]🔒
129872Adobe Acrobat Reader use after free [CVE-2018-16014]🔒
129871Adobe Acrobat Reader use after free [CVE-2018-16025]🔒
129870Adobe Acrobat Reader use after free [CVE-2018-16026]🔒
129869Adobe Acrobat Reader use after free [CVE-2018-16027]🔒
129868Adobe Acrobat Reader use after free [CVE-2018-16029]🔒
129867Adobe Acrobat Reader use after free [CVE-2018-16036]🔒
129866Adobe Acrobat Reader use after free [CVE-2018-16037]🔒
129865Adobe Acrobat Reader use after free [CVE-2018-16039]🔒
129864Adobe Acrobat Reader use after free [CVE-2018-16040]🔒
129863Adobe Acrobat Reader use after free [CVE-2018-16046]🔒
129862Adobe Acrobat Reader use after free [CVE-2018-19698]🔒
129861Adobe Acrobat Reader use after free [CVE-2018-19700]🔒
129860Adobe Acrobat Reader use after free [CVE-2018-19707]🔒
129859Adobe Acrobat Reader use after free [CVE-2018-19708]🔒
129858Adobe Acrobat Reader use after free [CVE-2018-19713]🔒
129857Adobe Acrobat Reader use after free [CVE-2018-19715]🔒
129856Adobe Acrobat Reader access control [CVE-2018-16045]🔒
129855Adobe Acrobat Reader access control [CVE-2018-16044]🔒
129854Adobe Acrobat Reader null pointer dereference [CVE-2018-19720]🔒
129853Adobe Acrobat Reader null pointer dereference [CVE-2018-16004]🔒
129852Adobe Acrobat Reader memory corruption [CVE-2018-15987]🔒
129851Adobe Acrobat Reader memory corruption [CVE-2018-15998]🔒
129137Apple macOS memory corruption [CVE-2018-4404]
129136Apple iTunes input validation [CVE-2018-4213]🔒
129135Apple watchOS input validation [CVE-2018-4213]🔒
129134Apple tvOS input validation [CVE-2018-4213]🔒
129133Apple iCloud input validation [CVE-2018-4213]🔒
129132Apple Safari input validation [CVE-2018-4213]🔒
129131Apple iTunes assertion [CVE-2018-4212]🔒
129130Apple watchOS assertion [CVE-2018-4212]🔒
129129Apple tvOS assertion [CVE-2018-4212]🔒
129128Apple iCloud assertion [CVE-2018-4212]🔒
129127Apple Safari assertion [CVE-2018-4212]🔒
129126Apple iTunes Javascript Core array index [CVE-2018-4210]🔒
129125Apple watchOS Javascript Core array index [CVE-2018-4210]🔒
129124Apple tvOS Javascript Core array index [CVE-2018-4210]🔒
129123Apple Safari Javascript Core array index [CVE-2018-4210]🔒
129122Apple iTunes input validation [CVE-2018-4209]🔒
129121Apple watchOS input validation [CVE-2018-4209]🔒
129120Apple tvOS input validation [CVE-2018-4209]🔒
129119Apple iCloud input validation [CVE-2018-4209]🔒
129118Apple Safari input validation [CVE-2018-4209]🔒
129117Apple iTunes input validation [CVE-2018-4208]🔒
129116Apple watchOS input validation [CVE-2018-4208]🔒
129115Apple tvOS input validation [CVE-2018-4208]🔒
129114Apple iCloud input validation [CVE-2018-4208]🔒
129113Apple Safari input validation [CVE-2018-4208]🔒
129112Apple iTunes input validation [CVE-2018-4207]🔒
129111Apple watchOS input validation [CVE-2018-4207]🔒
129110Apple tvOS input validation [CVE-2018-4207]🔒
129109Apple iCloud input validation [CVE-2018-4207]🔒
129108Apple Safari input validation [CVE-2018-4207]🔒
129107Apple macOS out-of-bounds read [CVE-2018-4194]
129106Apple iTunes out-of-bounds read [CVE-2018-4194]
129105Apple watchOS out-of-bounds read [CVE-2018-4194]
129104Apple iCloud out-of-bounds read [CVE-2018-4194]
129103Apple tvOS memory corruption [CVE-2018-4189]
129102Apple watchOS memory corruption [CVE-2018-4189]
129101Apple macOS memory corruption [CVE-2018-4189]
129100Apple macOS State information disclosure [CVE-2018-4185]
129099Apple watchOS State information disclosure [CVE-2018-4185]
129098Apple tvOS State information disclosure [CVE-2018-4185]
129097Apple iOS memory corruption [CVE-2018-4147]
129096Apple iTunes memory corruption [CVE-2018-4147]
129095Apple Safari memory corruption [CVE-2018-4147]
129073Apple iOS memory corruption [CVE-2018-4404]
129072Apple iOS memory corruption [CVE-2018-4330]
129071Apple macOS Remote Management permission [CVE-2018-4298]
129070Apple macOS memory corruption [CVE-2018-4258]
129069Apple macOS Size Validation memory corruption [CVE-2018-4257]
129068Apple macOS out-of-bounds read [CVE-2018-4256]
129067Apple macOS out-of-bounds read [CVE-2018-4255]
129066Apple macOS Kernel input validation [CVE-2018-4254]
129065Apple macOS Open Directory 7pk security [CVE-2018-4217]
129064Apple iOS input validation [CVE-2018-4213]🔒
129063Apple iOS assertion [CVE-2018-4212]🔒
129062Apple iOS Javascript Core array index [CVE-2018-4210]🔒
129061Apple iOS input validation [CVE-2018-4209]🔒
129060Apple iOS input validation [CVE-2018-4208]🔒
129059Apple iOS input validation [CVE-2018-4207]🔒
129058Apple iOS out-of-bounds read [CVE-2018-4194]
129057Apple iOS memory corruption [CVE-2018-4189]
129056Apple Safari Private Browsing information disclosure [CVE-2018-4186]
129055Apple iOS State information disclosure [CVE-2018-4185]
129054Apple macOS improper authorization [CVE-2018-4183]🔒
129053Apple macOS CUPS improper authorization [CVE-2018-4182]🔒
129052Apple macOS CUPS improper authorization [CVE-2018-4181]🔒
129051Apple macOS CUPS improper authorization [CVE-2018-4180]🔒
129050Apple macOS Smartcard PIN information disclosure [CVE-2018-4179]
129049Apple macOS out-of-bounds read [CVE-2018-4169]
129048Apple iCloud memory corruption [CVE-2018-4147]
129038Apple macOS Credentials access control [CVE-2017-13889]
128730Microsoft Windows JET Database Engine memory corruption [CVE-2019-0538]🔒
128608McAfee Application Control/Change Control Whitelist access control
128607Proxygen HTTP2 Parser input validation [CVE-2018-6347]
128606Proxygen HTTP2 Priority Setting 7pk error [CVE-2018-6346]
128605WhatsApp Messenger RTP Packet memory corruption [CVE-2018-6344]
128604Proxygen Certificate Validation input validation [CVE-2018-6343]
128603react-dev-utils Webserver cross-site request forgery [CVE-2018-6342]
128602React ReactDOMServer API cross site scripting [CVE-2018-6341]
128601HHVM getextendedstats out-of-bounds read
128600HHVM secureRandom memory corruption
128599osquery Code Signing 7pk security [CVE-2018-6336]🔒
128598HHVM Proxygen out_of_range input validation
128597HHVM Multipart File Upload input validation [CVE-2018-6334]
128596Nuclide Deep Link input validation [CVE-2018-6333]
128595Buck Java Serialized Object deserialization [CVE-2018-6331]
128594GNU binutils elfcomm.c process_archive use after free
128593Jasper jas_malloc.c resource management🔒
128592ok-file-formats ok_mo.c ok_mo_decode2 memory corruption
128591VideoLAN VLC Media Player Passcode access control [CVE-2018-19937]
128590CuppaCMS cu_views cross site scripting
128589razorCMS page Stored cross site scripting
128588razorCMS page cross site scripting
128587XSLT CMS Persistent cross site scripting [CVE-2018-19904]
128586XSLT CMS Persistent cross site scripting [CVE-2018-19903]
128585No-CMS manage_article Persistent cross site scripting
128584No-CMS Persistent cross site scripting [CVE-2018-19901]
128583GetSimple CMS edit.php Stored cross site scripting
128582Frog CMS cross site scripting [CVE-2018-19844]
128581Guardzilla Smart Camera Cloud API User 7pk security
128580Guardzilla GZ621W Cloud Communication TK_set_deviceModel_req_handle memory corruption
128579Guardzilla GZ180 Remote Upgrade command injection [CVE-2018-18600]
128578UCMDB Configuration Management Service path traversal [CVE-2018-18593]
128577ok-file-formats ok_csv.c ok_csv_decode2 memory corruption
128576ok-file-formats ok_wav.c ok_wav_decode_ms_adpcm_data memory corruption
128575Apache NetBeans Proxy Auto-Config command injection [CVE-2018-17191]
128574CIM Install install.php input validation
128573TEMMOKU add cross-site request forgery
128572UWA cross-site request forgery [CVE-2018-20612]
128571imcat Cookie cross site scripting [CVE-2018-20611]
128570imcat adm.php path traversal
128569imcat check.php information disclosure
128568imcat phpinfo information disclosure [CVE-2018-20608]
128567imcat binfo.php Debug information disclosure
128566imcat Path information disclosure [CVE-2018-20606]
128565imcat adm.php code injection
128564LFCMS path traversal [CVE-2018-20604]
128563LFCMS cross-site request forgery [CVE-2018-20603]
128562LFCMS Path information disclosure [CVE-2018-20602]
128561UCMS index.php cross site scripting
128560UCMS cedit.php cross site scripting
128559UCMS index.php code injection
128558UCMS cross-site request forgery [CVE-2018-20598]
128557UCMS index.php cross site scripting
128556XCMS server-side request forgery [CVE-2018-20596]
128555HSWeb OAuth2ClientController.java cross-site request forgery
128554HSWeb FlowableModelManagerController.java Reflected cross site scripting
128553Mini-XML mxmldoc.c scan_file memory corruption
128552Mini-XML mxml-node.c mxmlAdd use after free
128551libming decompile.c decompileJUMP out-of-bounds read
128550Ivan Cordoba Generic Content Management System users.php cross site scripting
128549Ivan Cordoba Generic Content Management System add_pictures.php cross site scripting
128548otfcc unicodeconv.c out-of-bounds read [CVE-2018-20588]
128547Jasper jp2 Converter memory corruption [CVE-2018-20584]🔒
128546PHP League CommonMark library cross site scripting [CVE-2018-20583]
128545ZTE ZXV10 W300 improper authorization [CVE-2018-7366]
128544ML Report activex unrestricted upload
128543DEXTUploadX5 activex input validation
128542Contiki-NG jsonparse.c push memory corruption
128541NuttX netlib_parsehttpurl.c netlib_parsehttpurl resource consumption
128540Orange Livebox restore.exe cross-site request forgery
128539Orange Livebox autodialing.exe cross-site request forgery
128538Orange Livebox system_firmwarel.stm input validation
128537yaml-cpp YAML File HandleFlowMap memory corruption
128536yaml-cpp EnsureTokensInQueue memory corruption
128535WUZHI CMS copyfrom.php sql injection
128534DamiCMS Config information disclosure [CVE-2018-20571]
128533Jasper jp2_enc.c jp2_encode out-of-bounds read🔒
128532Ivan Cordoba Generic Content Management System index.php sql injection
128531Ivan Cordoba Generic Content Management System index.php sql injection
128530DouCo DouPHP index.php access control
128529DouCo DouPHP Error Message Path path traversal
128528DouCo DouPHP cross site scripting [CVE-2018-20565]
128527DouCo DouPHP cross site scripting [CVE-2018-20564]
128526DouCo DouPHP cross site scripting [CVE-2018-20563]
128525DouCo DouPHP cross site scripting [CVE-2018-20562]
128524DouCo DouPHP cross site scripting [CVE-2018-20561]
128523DouCo DouPHP cross site scripting [CVE-2018-20560]
128522DouCo DouPHP cross site scripting [CVE-2018-20559]
128521DouCo DouPHP cross site scripting [CVE-2018-20558]
128520DouCo DouPHP cross site scripting [CVE-2018-20557]
128519tcpreplay get.c get_l2len out-of-bounds read
128518tcpreplay tree.c packet2tree out-of-bounds read
128517Poppler Annot.c getString input validation🔒
128516libcaca file.c caca_file_read integer overflow🔒
128515libcaca common-image.c load_image integer overflow🔒
128514libcaca dither.c get_rgba_default integer overflow🔒
128513libcaca dither.c get_rgba_default integer overflow🔒
128512libcaca common-image.c load_image integer overflow🔒
128511libcaca dither.c caca_dither_bitmap Floating Point divide by zero🔒
128510LIBXSMM generator_spgemm_csc_reader.c libxsmm_sparse_csc_reader resource consumption
128509LIBXSMM generator_spgemm_csc_reader.c libxsmm_sparse_csc_reader memory corruption
128508LIBXSMM generator_spgemm_csc_reader.c libxsmm_sparse_csc_reader memory corruption
128507libLAS liblas.hpp Open resource management
128506libLAS spatialreference.cpp GetGTIF input validation
128505Netwide Assembler preproc.c pp_getline use after free
128504libLAS spatialreference.cpp GetGTIF null pointer dereference
128503libLAS spatialreference.cpp GetGTIF out-of-bounds read
128502Netwide Assembler preproc.c pp_getline use after free
128501libsolv pool.h pool_whatprovides resource management
128500libsolv testcase.c null pointer dereference
128499libsolv testcase.c testcase_read null pointer dereference
128498PHP Scripts Mall Website Seller Script Profile cross site scripting
128497JEECMS getRemoteImage.jspx server-side request forgery
128496Microstrategy Analytics main.aspx cross-site request forgery
128495Pylon mintToken integer overflow
128494SwftCoin mintToken integer overflow
128493Nexxus NXX mintToken integer overflow
128492IP Infusion ZebOS/OcNOS BGP Daemon input validation [CVE-2018-17539]🔒
128491Evolution CMS cross site scripting [CVE-2018-16638]
128490Evolution CMS cross site scripting [CVE-2018-16637]
128489Mezzanine CMS cross site scripting [CVE-2018-16632]
128488Kirby cross site scripting [CVE-2018-16630]
128487F5 APM OAuth Resource Server improper authorization [CVE-2018-15335]🔒
128486APM WebTop cross-site request forgery [CVE-2018-15334]
128485F5 BIG-IP Configuration Utility unrestricted upload [CVE-2018-15333]
128484Sky Elite com.adups.fota.sysoper.WriteCommandReceiver os command injection
128483ZTE ZMAX Champ com.android.zte.hiddenmenu resource management
128482ZTE ZMAX Champ Mobile Device Management access control [CVE-2018-15005]
128481Coolpad Canvas com.qualcomm.qti.modemtestmode log file [CVE-2018-15004]
128480Vivo V7 com.android.phone log file [CVE-2018-15002]
128479Vivo V7 com.vivo.bsptest log file [CVE-2018-15001]
128478Leagoo P1 adb access control [CVE-2018-14998]
128477ZTE Blade Vantage/Blade Spark/ZMAX Pro/ZMAX Champ com.android.modem.service log file
128476Asus ZenFone 3 Max com.asus.dm 7pk security [CVE-2018-14992]
128475MXQ TV Box com.android.server.SystemRestoreReceiver input validation
128474MXQ TV Box com.android.server.MasterClearReceiver Factory Reset permission
128473Leagoo Z5C com.android.messaging information disclosure [CVE-2018-14986]
128472Leagoo Z5C com.android.settings Factory Reset access control
128471Leagoo Z5C com.android.messaging information disclosure [CVE-2018-14984]
128470Asus ZenFone 3 Max com.asus.loguploader information disclosure
128469FrontAccounting attachments.php Time-Based sql injection
128468Logisim Evolution XML Data XmlReader.java loadXmlFrom xml external entity reference
128467PEAR Archive_Tar Unserialize deserialization [CVE-2018-1000888]🔒
128466Peel SHOPPING cross site scripting [CVE-2018-1000887]
128465Battelle V2I Hub Back-End Database PluginStatus.cpp user_info sql injection
128464Battelle V2I Hub Back-End Database PluginStatusActions.php sql injection
128463Battelle V2I Hub cross site scripting [CVE-2018-1000629]
128462Battelle V2I Hub API strcmp access control
128461Battelle V2I Hub API credentials management [CVE-2018-1000627]
128460Battelle V2I Hub API 7pk security [CVE-2018-1000626]
128459Battelle V2I Hub hard-coded credentials [CVE-2018-1000625]
128458Battelle V2I Hub powerdown.php access control
128457Chat Anywhere Extension Content Security Policy cross site scripting
128456miniCMS post-edit.php cross site scripting
12845574cms input validation [CVE-2018-20519]
128454Linux Kernel ipddp.c ipddp_ioctl Address information disclosure🔒
128453CrashFix UserController.php search sql injection
128452Bento4 Ap4HvccAtom.cpp Create resource consumption
128451MetInfo login_check.php cross site scripting
128450VIA Technologies EPIA-E900 SmartETK Driver ETK_E900.sys Blue Screen input validation
128449MIT Kerberos input validation [CVE-2018-20217]🔒
128448Qt BMP Data QBmpHandler memory corruption🔒
128447Qt QTgaFile resource consumption🔒
128446Qt QGifHandler null pointer dereference🔒
128445Qt SVG Image qsvghandler.cpp input validation🔒
128444Dolibarr ERP/CRM export.php cross site scripting
128443Rockwell Automation Allen-Bradley PowerMonitor 1000 Access Control access control
128442Rockwell Automation Allen-Bradley PowerMonitor 1000 Security.shtm Stored cross site scripting
128441Engelsystem cross-site request forgery [CVE-2018-19182]
128440Asus Aura Sync GLCKIo Low-Level Driver 7pk security [CVE-2018-18537]
128439Asus Aura Sync GLCKIo/Asusgio access control [CVE-2018-18536]
128438Asus Aura Sync Asusgio Low-Level Driver access control [CVE-2018-18535]
128437HashHeroes Tiles determineWinner random values
128436Qt QXmlStream double free [CVE-2018-15518]🔒
128435NEC Univerge Sv9100 WebPro Web UI Credentials credentials management
128434NEC Univerge Sv9100 WebPro Home.htm information disclosure
128433Zoho ManageEngine ADSelfService Plus Employee Search Feature cross site scripting
128432Zoho ManageEngine ADSelfService Plus Self-Update Layout cross site scripting
128431GNU wget xattr.c set_file_metadata credentials management🔒
128430GNU tar sparse.c sparse_dump_region out-of-bounds read🔒
128429Poppler XRef.cc getEntry null pointer dereference🔒
128428S-Cms pic.php sql injection
128427S-Cms sql injection [CVE-2018-20479]
128426S-Cms download.php information disclosure
128425S-Cms callback1.php sql injection
128424S-Cms demo.php cross site scripting
128423ImageMagick bmp.c resource management🔒
128422Craft CMS craft.app.config.DB.user information disclosure [CVE-2018-20465]
128421CMS Made Simple myaccount.php Reflected cross site scripting
128420JSmol2WP Plugin path traversal [CVE-2018-20463]
128419JSmol2WP Plugin jsmol.php cross site scripting
128418radare2 cmd_anal.c core_anal_bytes out-of-bounds read🔒
128417radare2 armass64.c parseOperands memory corruption🔒
128416radare2 armass.c armass_assemble out-of-bounds read🔒
128415radare2 dyldcache.c r_bin_dyldcache_extract out-of-bounds read🔒
128414radare2 asm_arm_cs.c assemble out-of-bounds read🔒
128413radare2 asm_x86_nz.c parseOperand out-of-bounds read🔒
128412radare2 asm_x86_nz.c parseOperand memory corruption🔒
12841174cms cross site scripting [CVE-2018-20454]
128410libdoc numutils.c getlong out-of-bounds read
128409libxls ole.c ole2_read_header memory corruption
128408libdoc reader.c process_file memory corruption
128407libxls ole.c read_MSAT double free
128406Frog CMS index.php cross site scripting
128405D-Link DCM-604/DCM-704 Credentials credentials management [CVE-2018-20445]
128404Technicolor CGA0111 Credentials credentials management [CVE-2018-20444]
128403Technicolor TC7200.d1I Credentials credentials management [CVE-2018-20443]
128402Technicolor TC7110.B Credentials credentials management [CVE-2018-20442]
128401Technicolor TC7200.TH2v2 Credentials credentials management [CVE-2018-20441]
128400Technicolor CWA0101 Credentials credentials management [CVE-2018-20440]
128399Technicolor DPC3928SL Credentials credentials management [CVE-2018-20439]
128398Technicolor TC7110.AR Credentials credentials management [CVE-2018-20438]
128397FEBS-Shiro fileDownload path traversal [Disputed]
128396SuSE Repository Mirroring Tool YaST2 RMT Module Password improper authentication🔒
128395QNAP Q'center Virtual Appliance cross site scripting [CVE-2018-0724]
128394QNAP Q'center Virtual Appliance cross site scripting [CVE-2018-0723]
128393Synology DiskStation Manager Log Exporter injection [CVE-2018-8920]
128392Synology DiskStation Manager SYNO.Core.Desktop.SessionData information disclosure
128391Synology Router Manager info.cgi cross site scripting
128390Synology DiskStation Manager info.cgi cross site scripting
128389IIoT Monitor XML Data xml external entity reference [CVE-2018-7837]
128388IIoT Monitor File Upload unrestricted upload [CVE-2018-7836]
128387IIoT Monitor path traversal [CVE-2018-7835]
128386Pro-face GP-Pro EX input validation [CVE-2018-7832]
128385EVLink Parking Web Interface sql injection [CVE-2018-7802]
128384EVLink Parking code injection [CVE-2018-7801]
128383EVLink Parking hard-coded credentials [CVE-2018-7800]
128382PowerSuite 2 memcpy memory corruption
128381FoxView HMI SCADA Credential Management credentials management
128380Telegram Secret Chat server-side request forgery [CVE-2018-20436]
128379c2p0 C3P0ConfigXmlUtils.java extractXmlConfigFromInputStream xml external entity reference🔒
128378Foxit Quick PDF Library xref Entry DAOpenFileReadOnly memory corruption
128377Foxit Quick PDF Library xref Table DAOpenFileReadOnly memory corruption
128376Foxit Quick PDF Library Tree Structure LoadFromStream memory corruption
128375XMPlay m3u File memory corruption [CVE-2018-19357]
128374Epson WorkForce WF-2861 Web Service ROM1 input validation
128373Epson WorkForce WF-2861 Web Service ROM1 input validation
128372Epson WorkForce WF-2861 SNMP Service Amplification input validation
128371Epson WorkForce WF-2861 Web Page BONJOUR input validation
128370Xiaomi Mi A1 Logcat 7pk security [CVE-2018-18698]
128369Apache Tika SQLite3Parser resource consumption [CVE-2018-17197]
128368Cisco ASA Web Management Interface improper authorization [CVE-2018-15465]🔒
128367GNU Libextractor ole2_extractor.c process_metadata null pointer dereference🔒
128366GNU Libextractor ole2_extractor.c history_extract out-of-bounds read🔒
128365libming decompile.c getName null pointer dereference
128364libming decompile.c strlenext null pointer dereference
128363libming decompile.c getInt null pointer dereference
128362libming decompile.c newVar3 null pointer dereference
128361libming decompile.c pushdup null pointer dereference
128360Discuz! DiscuzX WeChat Login plugin.php input validation
128359Discuz! DiscuzX WeChat Login plugin.php 7pk security
128358Discuz! DiscuzX WeChat Login plugin.php access control
128357Go Ethereum resource management [CVE-2018-20421]
128356webERP Access Control Z_CreateCompanyTemplateFile.php access control
128355DouCo DouPHP cross-site request forgery [CVE-2018-20419]
128354Craft CMS cross site scripting [CVE-2018-20418]
128353WellinTech KingSCADA AlarmServer AEserver.exe memory corruption
128352Bento4 Ap4AvccAtom.cpp Create memory corruption
128351Bento4 Ap4StdCFileByteStream.cpp Create resource management
128350Bento4 Ap4DescriptorFactory.cpp CreateDescriptorFromStream resource management
128349Python _pickle.c integer overflow🔒
128348BigTree CMS Path information disclosure [CVE-2018-20405]
128347Safe Software FME Server access control [CVE-2018-20402]
128346Zoom 5352 Credentials credentials management [CVE-2018-20401]
128345Ubee DVW2108/DVW2110 Credentials credentials management [CVE-2018-20400]
128344Motorola SBG901/SBG941/SVG1202 Credentials credentials management
128343Skyworth CM5100.g2 Credentials credentials management [CVE-2018-20398]
128342mplus CBC383Z Credentials credentials management [CVE-2018-20397]
128341NET&SYS MNG2120J/MNG6300 Credentials credentials management [CVE-2018-20396]
128340Netwave MNG6200 Credentials credentials management [CVE-2018-20395]
128339Thomson DWG849/DWG850-4/DWG855/TWG870 Credentials credentials management
128338Technicolor TC7200.TH2v2 Credentials credentials management [CVE-2018-20393]
128337S-A WebSTAR DPC2100 Credentials credentials management [CVE-2018-20392]
128336TEKNOTEL CBW700N Credentials credentials management [CVE-2018-20391]
128335Kaonmedia CG2001-AN22A/CG2001-UDBNA/CG2001-UN2NA Credentials credentials management
128334D-Link DCM-604/DCM-704 Credentials credentials management [CVE-2018-20389]
128333Comtrend CM-6200un/CM-6300n credentials management [CVE-2018-20388]
128332Bnmux BCW700J/BCW710J/BCW710J2 Credentials credentials management
128331Arris SBG6580-2 Credentials credentials management [CVE-2018-20386]
128330CastleNet CBV38Z4EC/CBV38Z4ECNIT/CBW383G4J/CBW38G4J Credentials credentials management
128329iNovo IB-8120-W21/IB-8120-W21E1 Credentials credentials management
128328Arris DG950A/DG950S Credentials credentials management [CVE-2018-20383]
128327Jiuzhou BCM93383WRG Credentials credentials management [CVE-2018-20382]
128326Technicolor DPC2320 Credentials credentials management [CVE-2018-20381]
128325Ambit DDW2600/DDW2602/T60C926/U10C019 Credentials credentials management
128324Technicolor DPC3928SL cross site scripting [CVE-2018-20379]
128323Orange Livebox Service Port 8080 get_getnetworkconf.cgi credentials management
128322Tiny C Compiler Source File Compiler tccasm.c asm_parse_directive out-of-bounds write
128321Tiny C Compiler Source File Compiler tccgen.c sym_pop out-of-bounds write
128320Tiny C Compiler Source File Compiler tccasm.c use_section1 out-of-bounds write
128319Tenda ADSL Modem DHCP Client cross site scripting [CVE-2018-20373]
128318TP-LINK TD-W8961ND DHCP Client cross site scripting [CVE-2018-20372]
128317PhotoRange Photo Vault login.html__passwd1 credentials management
128316SZ NetChat Options Module cross site scripting [CVE-2018-20370]
128315Barracuda Message Archiver Add_Update Module ldap_load_entry.cgi cross site scripting
128314Master Slider Plugin admin-ajax.php cross site scripting
128313WSTMart add.html Stored cross site scripting
128312LibRaw libraw_cxx.cpp raw2image memory corruption🔒
128311LibRaw libraw_cxx.cpp copy_bayer null pointer dereference🔒
128310LibRaw libraw_cxx.cpp raw2image null pointer dereference🔒
128309Freeware Advanced Audio Decoder filtbank.c ifilter_bank null pointer dereference
128308Freeware Advanced Audio Decoder sbr_hfadj.c hf_assembly memory corruption
128307Freeware Advanced Audio Decoder sbr_dec.c sbr_process_channel memory corruption
128306Freeware Advanced Audio Decoder sbr_dec.c sbrDecodeSingleFramePS memory corruption
128305Freeware Advanced Audio Decoder lt_predict.c lt_prediction memory corruption
128304Freeware Advanced Audio Decoder sbr_dec.c sbr_process_channel null pointer dereference
128303Antiy AVL ATool Kernel Driver ssdt.sys memory corruption
1283021Password Error Log Credentials log file
128301SKCertService DLL access control
128300Hancom Office 2010/Office 2014/Office 2018/Office NEO Compound File memory corruption
128299ALZip LZH Archive memory corruption [CVE-2018-5196]
128298Evernote Markdown Stored cross site scripting
128297igraph igraph_trie.c igraph_i_strdiff null pointer dereference
128296libpff libpff_item_tree.c libpff_item_tree_create_node memory corruption
128295SQLite FTS3 Extension integer overflow [CVE-2018-20346]🔒
128294StackStorm st2api keys access control
128293Floureon IP Camera SP012 UART Serial Interface access control
128292Danijar Hafner Definitions Package parser.py load command injection
128291LimeSurvey File Upload cross site scripting [CVE-2018-20322]
128290TheHive Project Cortex Role.toString access control
128289Pulse Secure Access SA update.cgi access control
128288Gigabyte App Center GDrv Low-Level Driver access control [CVE-2018-19323]
128287Gigabyte App Center GPCIDrv/GDrv routine [CVE-2018-19322]
128286Gigabyte App Center GPCIDrv/GDrv access control [CVE-2018-19321]
128285Gigabyte App Center GDrv Low-Level Driver access control [CVE-2018-19320]
128284Trend Micro OfficeScan XG File Permission permission [CVE-2018-18332]
128283Trend Micro OfficeScan XG File Permission permission [CVE-2018-18331]
128282Trend Micro Dr. Safety for Android Address Bar input validation
128281D-Link DIR-140L/DIR-640L dirary0.js Credentials credentials management
128280D-Link DSL/DIR/DWR spaces.htm Credentials credentials management
128279D-Link DSL-2770L atbox.htm Credentials credentials management
128278Jenzabar cross site scripting [CVE-2018-16778]
128277Zoho ManageEngine OpManager Alarms cross site scripting [CVE-2018-20339]
128276Zoho ManageEngine OpManager Alarms sql injection [CVE-2018-20338]
128275LibRaw dcraw_common.cpp parse_makernote memory corruption🔒
128274OpenWebif Plugin Path path traversal [CVE-2018-20332]
128273libjpeg-turbo tjLoadImage integer overflow🔒
128272Chamilo LMS CoursesAndSessionsCatalog.class.php sql injection
128271Chamilo LMS group_view.php cross site scripting
128270Chamilo LMS Gradebook Dependencies Tool gradebook_list.tpl cross site scripting
128269BlackBerry Management Console cross-site request forgery [CVE-2018-8892]
128268BlackBerry Management Console Stored cross site scripting [CVE-2018-8891]
128267BlackBerry Management Console Stored cross site scripting [CVE-2018-8888]
128266ZXCLOUD iRAI untrusted search path [CVE-2018-7365]
128265McAfee Application Control Whitelist access control [CVE-2018-6669]
128264KMPlayer FLV File memory corruption [CVE-2018-5200]
128263Veraport G3 ALL Domain Validation input validation [CVE-2018-5199]
128262Veraport G3 ALL API race condition [CVE-2018-5198]
128261weixin-java-tools BaseWxPayResult.java getXmlDoc xml external entity reference
128260QEMU pvrdma_dev_ring.c input validation
128259QEMU pvrdma_main.c uar_write null pointer dereference
128258QEMU pvrdma_cmd.c create_qp resource management
128257QEMU pvrdma_cmd.c create_qp_rings null pointer dereference
128256QEMU rdma_backend.c out-of-bounds read
128255IBM API Connect access control [CVE-2018-1973]
128254TRENDnet TEW-632BRP/TEW-673GRU apply.cgi memory corruption
128253TRENDnet TV-IP110WN/TV-IP121WN video.cgi memory corruption
128252TRENDnet TV-IP110WN/TV-IP121WN network.cgi memory corruption
128251TRENDnet TEW-673GRU apply.cgi start_arpping os command injection
128250Comparex Miss Marple Enterprise Edition Updater Service input validation
128249Comparex Miss Marple Enterprise Edition hard-coded credentials
128248Artifex Ghostscript type conversion [CVE-2018-19134]🔒
128247Cscape POC File input validation [CVE-2018-19005]
128246Gigaset Maxwell Basic VoIP Password Verification credentials management
128245D-Link myDlink Baby App Credentials credentials management [CVE-2018-18767]
128244Keybase Command Line Client untrusted search path [CVE-2018-18629]
128243D-Link DCS-825L input validation [CVE-2018-18442]
128242D-Link DCS-936L info.cgi information disclosure
128241jco.ir Karma ContentPlaceHolder1_uxTitle ArchiveNews.aspx sql injection
128240MicroWorld Technologies eScan Agent Application MWAGENT.EXE access control
128239IBM API Connect MongoDB Connector input validation [CVE-2018-1784]
128238IBM Connect REST API improper authentication [CVE-2018-1778]
128237IBM Domino Command Line nsd.exe memory corruption
128236Elasticsearch Security Java Security Manager xml external entity reference🔒
128235Kibana Console Plugin command injection [CVE-2018-17246]🔒🔒
128234Kibana PDF Report Generator credentials management [CVE-2018-17245]🔒
128233Elasticsearch Security Active Directory information disclosure🔒
128232IBM DataPower Gateways File System input validation [CVE-2018-1677]
128231Kirby Password Recovery injection [CVE-2018-16627]
128230IBM DataPower Gateways cross-site request forgery [CVE-2018-1661]
128229Logitech Harmony Hub command injection [CVE-2018-15723]
128228Logitech Harmony Hub os command injection [CVE-2018-15722]
128227Logitech Harmony Hub XMPP Server improper authentication [CVE-2018-15721]
128226Logitech Harmony Hub XMPP Server hard-coded credentials [CVE-2018-15720]
128225F5 BIG-IP AAM Convert Utility permission [CVE-2018-15331]🔒
128224F5 BIG-IP Traffic Management Microkernel Bomb input validation🔒
128223F5 BIG-IP TMUI command injection [CVE-2018-15329]🔒
128222Mondula Multi Step Form Plugin admin-ajax.php Stored cross site scripting
128221Adrenalin ShiftEmployeeSearch.aspx Reflected cross site scripting
128220Google Android use after free [CVE-2018-11988]
128219Google Android Linux Kernel double free [CVE-2018-11987]
128218Google Android Camera Subsystem memory corruption [CVE-2018-11986]
128217Google Android config [CVE-2018-11985]
128216Google Android DIAG Driver use after free [CVE-2018-11984]
128215Google Android Linux Kernel use after free [CVE-2018-11983]
128214Google Android Linux Kernel proptrigger.sh access control
128213Google Android Linux Kernel passwd access control
128212Google Android Camera JPEG Driver out-of-bounds read [CVE-2018-11963]
128211Google Android GNSS Config memory corruption [CVE-2018-11961]
128210Google Android SPS Driver use after free [CVE-2018-11960]
128209netatalk dsi_opensess.c out-of-bounds write🔒
128208NASM stdscan.c memory corruption
128207PHKP phkp.php pgp_exec command injection
128206Vesta CP Password Reset index.php information disclosure
128205Elixir Plug Header Injection input validation [CVE-2018-1000883]
128204WebID getthumb.php path traversal
128203Traccar Server ComputedAttributesHandler.java code injection
128202libarchive archive_read_support_format_warc.c warc_read double free🔒
128201libarchive archive_acl.c archive_acl_from_text_l null pointer dereference
128200libarchive RAR Decoder archive_read_support_format_rar.c use after free🔒
128199libarchive RAR Decoder archive_read_support_format_rar.c parse_codes double free🔒
128198GNU binutils bfd_canonicalize_dynamic_reloc integer overflow
128197Berkeley Open Infrastructure for Network Computing BOINC Server Website Terms of Service Acceptance Page improper authentication
128196PHP Markdown Parser cross site scripting [CVE-2018-1000874]
128195FasterXML Jackson jackson-databind input validation [CVE-2018-1000873]
128194OpenKMIP PyKMIP resource management [CVE-2018-1000872]
128193HotelDruid gestione_utenti.php sql injection
128192phpipam User Settings print-user.php cross site scripting
128191phpipam item-add-submit.php sql injection
128190WebID user_login.php cross site scripting
128189WebID Blind sql injection [CVE-2018-1000867]
128188phpipam cross site scripting [CVE-2018-1000860]
128187GnuPG cross-site request forgery [CVE-2018-1000858]🔒
128186log-user-session path traversal
128185DomainMod cross site scripting [CVE-2018-1000856]
128184easymon Firefox Reflected cross site scripting
128183esigate XSLT injection [CVE-2018-1000854]
128182FreeRDP drdynvc_main.c drdynvc_process_capability_request resource management🔒
128181Copay Bitcoin Wallet Private Key Storage key management [CVE-2018-1000851]
128180Square Retrofit path traversal [CVE-2018-1000850]
128179Alpine Linux Package Manager input validation [CVE-2018-1000849]
128178WampServer index.php cross site scripting
128177FreshDNS Admin Interface cross site scripting [CVE-2018-1000847]
128176FreshDNS index.php cross-site request forgery
128175Avahi avahi-daemon denial of service [CVE-2018-1000845]🔒
128174Square Open Source Retrofit XML Data xml external entity reference
128173Luigi API Endpoint 1870 cross-site request forgery
128172FatFreeCRM cross site scripting [CVE-2018-1000842]
128171Zend.To verify.php cross site scripting
128170Processing Foundation Processing XML Data loadXML xml external entity reference
128169LH-HER File Upload unrestricted upload [CVE-2018-1000839]
128168Autopsy XML Parser xml external entity reference [CVE-2018-1000838]
128167UML Designer XML Parser xml external entity reference [CVE-2018-1000837]
128166bw-calendar-engine version XML Parser xml external entity reference
128165KeePass XML Data xml external entity reference [CVE-2018-1000835]
128164Runelite XML Data xml external entity reference [CVE-2018-1000834]
128163ZoneMinder deserialization [CVE-2018-1000833]
128162ZoneMinder command injection [CVE-2018-1000832]
128161K9Mail XML Data xml external entity reference [CVE-2018-1000831]
128160XR3Player Playlist Parser xml external entity reference [CVE-2018-1000830]
128159Anyplace XML Data xml external entity reference [CVE-2018-1000829]
128158FrostWire XML Data Archiving Service xml external entity reference
128157Ubilling deserialization [CVE-2018-1000827]
128156Microweber Admin Login cross site scripting [CVE-2018-1000826]
128155FreeCol FreeColXMLReader Parser xml external entity reference
128154MegaMek Object Stream Connection deserialization [CVE-2018-1000824]
128153Exist REST Server xml external entity reference [CVE-2018-1000823]
128152Codelib Fess GSA XML File Parser xml external entity reference
128151MicroMathematics SMathStudio File xml external entity reference
128150neo4j-contrib neo4j-apoc-procedures XML Parser xml external entity reference
128149Asset Pipeline Plugin Access Control access control [CVE-2018-1000817]
128148Grafana Query Editor cross site scripting [CVE-2018-1000816]
128147Brave content_settings_observer.cc AllowScript input validation
128146aio-libs aiohttp-session NaClCookieStorage session expiration
128145Backdrop CMS Class Name cross site scripting [CVE-2018-1000813]
128144Ártica Soluciones Tecnológicas Integria IMS Password Recovery password_recovery.php password recovery
128143Bludit Pages Editor unrestricted upload [CVE-2018-1000811]
128142knc read_packet resource consumption
128141Google Android Synchronization msm_vb2 use after free
128140Pulse Secure Virtual Traffic Manager information disclosure [CVE-2018-20307]
128139Pulse Secure Virtual Traffic Manager Web Administration User Interface Stored cross site scripting
128138Steve Pallen Coherence Registration input validation [CVE-2018-20301]
128137Microsoft Internet Explorer Scripting Engine JScript.dll memory corruption🔒
128136LibVNC File Transfer Extension use after free [CVE-2018-6307]🔒
128135D-Link DIR-816 A2 form2userconfig.cgi memory corruption
128134libexcel workbook.c wbook_addworksheet memory corruption
128133Gogs File Upload path.go path traversal
128132Steve Pallen Xain cross site scripting [CVE-2018-20302]
128131Empire CMS memberform.$fid.php code injection
128130Bosch Smart Home Camera Network Interface memory corruption [CVE-2018-20299]
128129S3 Browser XML Data xml external entity reference [CVE-2018-20298]
128128Two-Factor-Authentication Plugin cross-site request forgery [CVE-2018-20231]
128127PSPP pspp-dump-sav.c read_bytes_internal memory corruption
128126SubSonic internetRadioSettings.view cross-site request forgery
128125RDF4j path traversal [CVE-2018-20227]
128124LibVNC Client null pointer dereference [CVE-2018-20024]🔒
128123LibVNC Client information disclosure [CVE-2018-20023]🔒
128122LibVNC Client information disclosure [CVE-2018-20022]🔒
128121LibVNC Client resource consumption [CVE-2018-20021]🔒
128120LibVNC out-of-bounds write [CVE-2018-20020]🔒
128119LibVNC out-of-bounds write [CVE-2018-20019]🔒
128118Statamic Add New users cross site scripting
128117CMS Made Simple File Upload cross site scripting [CVE-2018-19597]
128116Zurmo Report cross site scripting [CVE-2018-19596]
128115cmsimple File Upload cross site scripting [CVE-2018-19508]
128114cmsimple ?file=config&action=array cross site scripting
128113Zurmo Reports cross site scripting [CVE-2018-19506]
128112Advantech WebAccess SCADA input validation [CVE-2018-18999]
128111Apache NiFi Template Upload cross-site request forgery [CVE-2018-17195]
128110Apache NiFi Cluster input validation [CVE-2018-17194]
128109Apache NiFi Error Page message-page.jsp Reflected cross site scripting
128108Apache NiFi X-Frame-Options Header input validation [CVE-2018-17192]
128107sssd Configuration Parameter information disclosure [CVE-2018-16883]
128106Spring Security JWT Issuer Validation insufficient verification of data authenticity
128105Pivotal Concourse Login Flow redirect [CVE-2018-15798]
128104LibVNC File Transfer Extension out-of-bounds write [CVE-2018-15127]🔒
128103LibVNC File Transfer Extension use after free [CVE-2018-15126]🔒
128102Apache Oozie Workflow Impersonation input validation
128101VMware vRealize Operations access control [CVE-2018-6978]🔒
128100Webroot BrightCloud SDK HTTP Client certificate validation [CVE-2018-4015]
128099libexcel workbook.c wbook_addworksheet memory corruption
128098Espruino JS File jsflash.c jsfNameFromString memory corruption
128097Freeware Advanced Audio Decoder filtbank.c ifilter_bank null pointer dereference
128096Freeware Advanced Audio Decoder filtbank.c ifilter_bank null pointer dereference
128095Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruption
128094Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruption
128093Freeware Advanced Audio Decoder ic_predict.c ic_predict null pointer dereference
128092Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruption
128091Artica Integria IMS lista_usuarios cross-site request forgery
128090Symfony Login Form redirect [CVE-2018-19790]🔒
128089Symfony __toString unrestricted upload🔒
128088DriverAgent IOCTL Call DrvAgent64.sys input validation
128087PHP Server Monitor cross-site request forgery [CVE-2018-18921]
128086IBM Event Streams API input validation [CVE-2018-1833]
128085D-Link DVA-5592 Control Panel login improper authentication
128084Linux Kernel NFS41+ Subsystem bc_svc_process use after free🔒
128083ARM Trusted Firmware Register information disclosure [CVE-2017-15031]
128082Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server unusual condition
128081Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server information disclosure
128080Modicon M340/Premium/Quantum PLC/BMXNOR0200 Embedded Web Server redirect
128079Schneider Electric Power Monitoring Expert URL redirect [CVE-2018-7797]
128078LibSass eval.cpp Supports_Operator*) null pointer dereference
128077GraphicsMagick dib File dib.c ReadDIBImage input validation🔒
128076Fuel CMS cross-site request forgery [CVE-2018-20188]
128075Bento4 Ap4Sample.cpp ReadData resource consumption
128074GraphicsMagick bmp.c ReadBMPImage out-of-bounds read🔒
128073GraphicsMagick tga.c WriteTGAImage memory corruption🔒
128072Nagios XI magpie_slashbox.php cross site scripting
128071Nagios XI magpie_simple.php cross site scripting
128070ymlref code injection [CVE-2018-20133]
128069QEMU pvrdma_main.c pvrdma_realize resource management
128068PTC ThingWorx Platform ZIP File path traversal [CVE-2018-20092]
128067Pylearn2 yaml_parse.load code injection
128066YARA exec.c information disclosure
128065YARA exec.c out-of-bounds read
128064YARA exec.c Address information disclosure
128063PrinterOn Enterprise File input validation [CVE-2018-19936]
128062Bolt CMS Text Input Click Preview cross site scripting [CVE-2018-19933]
128061Artica Integria IMS cross site scripting [CVE-2018-19828]
128060InfoVista VistaPortal SE SharedCriteria.jsp Reflected cross site scripting
128059InfoVista VistaPortal SE SecurityPolicies.jsp Reflected cross site scripting
128058InfoVista VistaPortal SE Roles.jsp Reflected cross site scripting
128057InfoVista VistaPortal SE Rights.jsp Reflected cross site scripting
128056InfoVista VistaPortal SE Contacts.jsp Reflected cross site scripting
128055InfoVista VistaPortal SE AdminAuthorisationFrame.jsp Reflected cross site scripting
128054InfoVista VistaPortal SE ChooseCategory.jsp Reflected cross site scripting
128053InfoVista VistaPortal SE UserPopupAddNewProp.jsp Reflected cross site scripting
128052InfoVista VistaPortal SE Subscriptions.jsp Reflected cross site scripting
128051InfoVista VistaPortal SE Subscribers.jsp Reflected cross site scripting
128050InfoVista VistaPortal SE SubFolderPackages.jsp Reflected cross site scripting
128049InfoVista VistaPortal SE Import.jsp Reflected cross site scripting
128048InfoVista VistaPortal SE GroupMove.jsp Reflected cross site scripting
128047InfoVista VistaPortal SE GroupCopy.jsp Reflected cross site scripting
128046InfoVista VistaPortal SE Variables.jsp Reflected cross site scripting
128045InfoVista VistaPortal SE PresentSpace.jsp Reflected cross site scripting
128044InfoVista VistaPortal SE EditCurrentUser.jsp Reflected cross site scripting
128043InfoVista VistaPortal SE EditCurrentPresentSpace.jsp Reflected cross site scripting
128042InfoVista VistaPortal SE EditCurrentPool.jsp Reflected cross site scripting
128041InfoVista VistaPortal SE Users.jsp Reflected cross site scripting
128040InfoVista VistaPortal SE UserProperties.jsp Reflected cross site scripting
128039InfoVista VistaPortal SE SubPagePackages.jsp cross site scripting
128038InfoVista VistaPortal SE PresentSpace.jsp Reflected cross site scripting
128037InfoVista VistaPortal SE GroupRessourceAdmin.jsp Reflected cross site scripting
128036InfoVista VistaPortal SE EditCurrentPresentSpace.jsp Reflected cross site scripting
128035InfoVista VistaPortal SE RolePermissions.jsp Reflected cross site scripting
128034Sylabs Singularity input validation [CVE-2018-19295]🔒
128033Bosch IP Camera Network Interface memory corruption [CVE-2018-19036]
128032IBM Security Guardium Web UI cross site scripting [CVE-2018-1891]
128031IBM Security Guardium Web UI cross site scripting [CVE-2018-1889]
128030VyOS Default Configuration pppd access control
128029VyOS Sandbox access control [CVE-2018-18555]
128028Icinga Web 2 Navigation Dashlet input validation [CVE-2018-18250]
128027Icinga Web 2 add code injection
128026Icinga Web 2 services cross site scripting
128025Icinga Web 2 add cross site scripting
128024Icinga Web 2 cross-site request forgery [CVE-2018-18246]
128023Nagios Plugin Result cross site scripting [CVE-2018-18245]🔒
128022Swisscom Internet Box Light LAN UPnP Service memory corruption
128021Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_pcie.c dhd_bus_flow_ring_create_response memory corruption
128020Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_pcie.c dhd_bus_flow_ring_flush_response memory corruption
128019Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_pcie.c dhd_bus_flow_ring_delete_response memory corruption
128018Samsung Galaxy S6 Wi-Fi Driver dhd_msgbuf.c dhd_prot_txdata_write_flush null pointer dereference
128017Samsung Galaxy S6 bcmdhd4358 Wi-Fi Driver dhd_linux.c dhd_rx_frame memory corruption
128016IBM Security Guardium Database Activity Monitor 7pk security
128015IBM Security Guardium URL information disclosure [CVE-2017-1272]
128014IBM Security Guardium Certificate Validation certificate validation
128013Zoho ManageEngine OpManager getGraphData API sql injection [CVE-2018-20173]
128012OpenStack Keystone POST Request tokens Username information disclosure
128011Linux Kernel USB Subsystem usb.c __usb_get_extra_descriptor resource consumption🔒
128010Rendertron node_modules information disclosure [CVE-2017-18355]
128009Rendertron Protocol path traversal [CVE-2017-18354]
128008Rendertron access control [CVE-2017-18353]
128007Rendertron Error Reporting Reflected cross site scripting
128006Google gVisor Pagetable input validation [CVE-2018-20168]
128005Terminology applications handle_unknown_media injection🔒
128004BlinkForHome Sync Module Clip 7pk security [CVE-2018-20161]
128003i-doit open File Upload input validation [CVE-2018-20159]
128002OpenRefine XML Data xml external entity reference [CVE-2018-20157]
128001WP Maintenance Mode Plugin input validation [CVE-2018-20156]
128000WP Maintenance Mode Plugin Access Restriction access control
127999WP Maintenance Mode Plugin Email information disclosure [CVE-2018-20154]
127998WordPress Comment cross site scripting [CVE-2018-20153]🔒
127997WordPress Post Type input validation [CVE-2018-20152]🔒
127996WordPress User-Activation Page Email information disclosure🔒
127995WordPress Plugin cross site scripting [CVE-2018-20150]🔒
127994WordPress MIME Restriction cross site scripting [CVE-2018-20149]🔒
127993WordPress Metadata deserialization [CVE-2018-20148]🔒
127992WordPress Metanet Data Delete access control🔒
127991IBM DB2 input validation [CVE-2018-1977]
127990Sonarsource SonarQube API information disclosure [CVE-2018-19413]
127989Geutebrueck E2 Camera DNS Configuration os command injection
127988GE Mark VIe path traversal [CVE-2018-19003]
127987Medtronic CareLink 9790 Programmer 29901 cryptographic issues
127986IBM Business Automation Workflow Web UI cross site scripting
127985Ricoh myPrint WSDL API hard-coded credentials [CVE-2018-18006]
127984Google Go crypto-x509 Package certificate validation [CVE-2018-16875]🔒
127983Google Go Command path traversal [CVE-2018-16874]🔒
127982Google Go Command input validation [CVE-2018-16873]🔒
127981Apache OFBiz HTTP Engine httpService information disclosure
127980Micro Focus Fortify Software Security Center improper authorization
127979Micro Focus Fortify Software Security Center improper authorization
127978McAfee Agent resource consumption [CVE-2018-6707]
127977Pixar Tractor software Stored cross site scripting [CVE-2018-5411]
127976Intel System Defense Utility Permission access control [CVE-2018-3705]
127975Intel Parallel Studio XE Permission access control [CVE-2018-3704]
127974Eclipse Mosquitto ACL 7pk security [CVE-2018-20145]🔒
127973PHP Scripts Mall Entrepreneur B2B Script Account Settings Stored cross site scripting
127972Fuel CMS cross site scripting [CVE-2018-20137]
127971Fuel CMS Page Creation cross site scripting [CVE-2018-20136]
127970QEMU 9p.c v9fs_wstat race condition🔒
127969Oracle Secure Global Desktop helpwindow.jsp Reflected cross site scripting
127968QEMU cofile.c use after free🔒
127967Zoho ManageEngine ADAudit memory corruption [CVE-2018-19118]
127966Grafana information disclosure [CVE-2018-19039]
127965Abisoft Ticketly addproject.php description sql injection
127964Abisoft Ticketly add_user.php add_user access control
127963IBM Security Access Manager Appliance hard-coded credentials
127962IBM Security Access Manager Appliance information disclosure
127961IBM Operational Decision Management XML Data xml external entity reference
127960IBM Security Guardium hard-coded credentials [CVE-2018-1818]
127959IBM Security Guardium Web UI cross site scripting [CVE-2018-1817]
127958IBM Security Access Manager Appliance Web UI cross site scripting
127957IBM Security Access Manager Appliance inadequate encryption [CVE-2018-1814]
127956IBM Security Access Manager Appliance Blacklist access control
127955Intel Solid State Drive Toolbox Directory Permission access control
127954Intel QuickAssist Technology for Linux memory corruption [CVE-2018-18096]
127953Intel VTune Amplifier File Permission access control [CVE-2018-18093]
127952IBM Security Access Manager Appliance Error Message information disclosure
127951IBM Security Access Manager Appliance Session session fixiation
127950IBM Security Access Manager Appliance input validation [CVE-2018-1803]
127949IBM Security Access Manager Appliance Web UI cross site scripting
127948QEMU Media Transfer Protocol usb_mtp_get_partial_object input validation
127947IBM DataPower Gateway Web UI cross site scripting [CVE-2018-1667]
127946IBM DataPower Gateway inadequate encryption [CVE-2018-1665]
127945Siemens SIMATIC S7-410 Service Port 102 input validation [CVE-2018-16557]
127944Siemens SIMATIC S7-410 Service Port 102 input validation [CVE-2018-16556]
127943Siemens SCALANCE S602 Integrated Web Server cross site scripting
127942IBM Security Access Manager Appliance Web UI cross site scripting
127941Dell EMC iDRAC7/iDRAC8 Error 7pk error [CVE-2018-15776]🔒
127940Dell EMC iDRAC7/iDRAC8/iDRAC9 Redfish Interface access control🔒
127939Cloud Foundry UAA Authorization credentials management [CVE-2018-15754]
127938Katello API sql injection [CVE-2018-14623]
127937Siemens SIMATIC S7-1200 Connection resource consumption [CVE-2018-13815]
127936Siemens SIMATIC HMI Comfort Panel Webserver Header Injection input validation
127935Siemens SIMATIC HMI Comfort Panel Webserver redirect [CVE-2018-13813]
127934Siemens SIMATIC HMI Comfort Panel Security Vulnerability MP path traversal
127933Siemens SIMATIC Step 7 Password Hash information disclosure [CVE-2018-13811]
127932Siemens SIMATIC IT LMS improper authentication [CVE-2018-13804]
127931Intel QuickAssist Technology for Linux Hardware Access memory corruption
127930Avanti Markets MarketCard UPC Bar information disclosure [CVE-2018-12076]
127929IBM Security Guardium Password Storage Salt cryptographic issues
127928DeDeCMS select_images_post.php code injection
127927UsualToolCMS a_sqlback.php backname[] path traversal
127926zzzphp CMS save.php del_file input validation
127925Microsoft SharePoint Enterprise Server cross site scripting [CVE-2018-8650]🔒
127924McAfee Agent Installation Temporary access control
127923McAfee Agent access control [CVE-2018-6705]
127922McAfee Agent access control [CVE-2018-6704]
127921HAProxy dns.c infinite loop🔒
127920HAProxy dns.c dns_validate_dns_response out-of-bounds read🔒
127919Import Users from CSV with Meta Plugin Cell cross site scripting
127918Exiv2 jp2image.cpp encodeJp2Header input validation
127917Exiv2 jp2image.cpp encodeJp2Header memory corruption
127916Exiv2 tiffimage_int.cpp findPrimaryGroups memory corruption
127915Exiv2 pngimage.cpp tEXtToDataBuf memory corruption
127914Bento4 Ap4Array.h EnsureCapacity resource management
127913XXL-CONF PropUtil.java path traversal
127912IBM WebSphere Application Server Admin Console cross-site request forgery
127911IBM WebSphere Application Server access control [CVE-2018-1901]
127910Linux Kernel Access Control userfaultfd.c privileges management🔒
127909eDirectory cross site scripting [CVE-2018-17952]
127908eDirectory Authorization authorization [CVE-2018-17950]
127907iManager cross site scripting [CVE-2018-17949]
127906QEMU Media Transfer Protocol dev-mtp.c usb_mtp_write_data path traversal
127905Open Dental MySQL Database credentials management [CVE-2018-15719]
127904Open Dental information disclosure [CVE-2018-15718]
127903Open Dental Password Storage MD5 credentials management
127902F5 BIG-IP/Enterprise Manager/BIG-IQ/iWorkflow SNMPv3 Passphrase information disclosure🔒
127901IBM BigFix Platform session fixiation [CVE-2018-1485]🔒
127900IBM BigFix Platform Cookie session fixiation [CVE-2018-1484]🔒
127899IBM BigFix Platform URL information disclosure [CVE-2018-1481]🔒
127898IBM BigFix Platform Cookie httponly session fixiation🔒
127897IBM BigFix Platform input validation [CVE-2018-1478]🔒
127896IBM BigFix Platform information disclosure [CVE-2018-1476]🔒
127895IBM BigFix Platform HTTP Response Splitting response splitting🔒
127894Siemens TIM 1531 IRC Service Port 102 improper authentication
127893Siemens SINUMERIK 828D/SINUMERIK 840D sl Security Vulnerability tcp access control
127892Siemens SINUMERIK 828D/SINUMERIK 840D sl IOCTL Call out-of-bounds read
127891Siemens SINUMERIK 828D/SINUMERIK 840D sl VNC Server access control
127890Siemens SINUMERIK 828D/SINUMERIK 840D sl Service Command Application memory corruption
127889Siemens SINUMERIK 828D/SINUMERIK 840D sl access control [CVE-2018-11462]
127888Siemens SINUMERIK 828D/SINUMERIK 840D sl Service Command Application access control
127887Siemens SINUMERIK 828D/SINUMERIK 840D sl CRAMFS Archive access control
127886Siemens SINUMERIK 828D/SINUMERIK 840D sl access control [CVE-2018-11459]
127885Siemens SINUMERIK 828D/SINUMERIK 840D sl Firewall Configuration tcp access control
127884Siemens SINUMERIK 828D/SINUMERIK 840D sl Web Server access control
127883Microsoft Azure Pack Rollup cross site scripting [CVE-2018-8652]
127882Microsoft Dynamics NAV cross site scripting [CVE-2018-8651]
127881Microsoft Windows memory corruption [CVE-2018-8649]🔒
127880Microsoft Windows Win32k access control [CVE-2018-8641]🔒
127879McAfee Agent Common Service use after free [CVE-2018-6703]
127878SAP Commerce cross site scripting [CVE-2018-2505]
127877SAP NetWeaver AS JAVA Web Container cross site scripting [CVE-2018-2504]
127876SAP NetWeaver AS JAVA KeyStore Service improper authorization
127875SAP Business One Service Layer Trace cross site scripting [CVE-2018-2502]
127874SAP Mobile Secure Android Application information disclosure
127873SAP HANA Security Audit Log input validation [CVE-2018-2497]
127872SAP NetWeaver Basis AS ABAP authorization [CVE-2018-2494]
127871SAP NetWeaver AS JAVA SAML 2.0 input validation [CVE-2018-2492]
127870SAP Marketing cross site scripting [CVE-2018-2486]
127869doorGets theme_content_nofi path traversal
127868NoneCms App.php input validation [CVE-2018-20062]
127867ERPNext sql injection [CVE-2018-20061]
127866urllib3 Authorization HTTP Header Credentials credentials management
127865phpMyAdmin Navigation Tree cross site scripting [CVE-2018-19970]🔒
127864phpMyAdmin cross-site request forgery [CVE-2018-19969]🔒
127863phpMyAdmin information disclosure [CVE-2018-19968]🔒
127862IBM WebSphere Application Server Java deserialization [CVE-2018-1904]
127861IBM Curam Social Program Management Web UI cross site scripting
127860TIBCO Managed File Transfer Command Center Privileges credentials management
127859Google Chrome v8 Reflect.construct out-of-bounds read🔒
127858Google Chrome WPAD File input validation [CVE-2018-18358]🔒
127857Google Chrome URL Formatter Address input validation🔒
127856Google Chrome Skia integer overflow [CVE-2018-18356]🔒
127855Google Chrome URL Formatter Address input validation🔒
127854Google Chrome Shell input validation [CVE-2018-18354]🔒
127853Google Chrome Network Authentication source code [CVE-2018-18353]🔒
127852Google Chrome Media access control [CVE-2018-18352]🔒
127851Google Chrome Navigation Cookie input validation🔒
127850Google Chrome Blink CSP data processing🔒
127849Google Chrome Blink access control [CVE-2018-18349]🔒
127848Google Chrome Omnibox Address input validation🔒
127847Google Chrome Navigation Javascript input validation🔒
127846Google Chrome Blink input validation [CVE-2018-18346]🔒
127845Google Chrome Site Isolation 7pk security [CVE-2018-18345]🔒
127844Google Chrome Extensions setDownloadBehavior input validation🔒
127843Google Chrome Skia use after free [CVE-2018-18343]🔒
127842Google Chrome v8 deserialization [CVE-2018-18342]🔒
127841Google Chrome Blink integer overflow [CVE-2018-18341]🔒
127840Google Chrome MediaRecorder memory corruption [CVE-2018-18340]🔒
127839Google Chrome WebAudio memory corruption [CVE-2018-18339]🔒
127838Google Chrome Canvas memory corruption [CVE-2018-18338]🔒
127837Google Chrome Blink use after free [CVE-2018-18337]🔒
127836Google Chrome PDFium use after free [CVE-2018-18336]🔒
127835Google Chrome Skia memory corruption [CVE-2018-18335]🔒
127834Google Chrome PDFium use after free [CVE-2018-17481]🔒
127833Google Chrome v8 out-of-bounds write [CVE-2018-17480]🔒
127832IBM Curam Social Program Management redirect [CVE-2018-1654]
127831IBM DataPower Gateway/MQ Appliance input validation [CVE-2018-1652]
127830Palo Alto Expedition Migration Tool access control [CVE-2018-10143]
127829Microsoft Internet Explorer Scripting Engine memory corruption🔒
127828Microsoft Windows Win32k access control [CVE-2018-8639]🔒
127827Microsoft Windows DirectX information disclosure [CVE-2018-8638]🔒
127826Microsoft Windows Win32k information disclosure [CVE-2018-8637]🔒
127825Microsoft SharePoint Enterprise Server access control [CVE-2018-8635]🔒
127824Microsoft Excel information disclosure [CVE-2018-8627]🔒
127823Microsoft Windows Kernel information disclosure [CVE-2018-8622]🔒
127822Microsoft Windows Kernel information disclosure [CVE-2018-8621]🔒
127821Microsoft Windows Connected User Experiences/Telemetry Service input validation🔒
127820Microsoft Windows Kernel access control [CVE-2018-8611]🔒
127819Microsoft Exchange Server Profile Data data processing [CVE-2018-8604]🔒
127818Microsoft Windows Diagnostics Hub Standard Collector Service dropped privileges🔒
127817Microsoft Excel information disclosure [CVE-2018-8598]🔒
127816Microsoft Windows GDI information disclosure [CVE-2018-8596]🔒
127815Microsoft Windows GDI information disclosure [CVE-2018-8595]🔒
127814Microsoft SharePoint Enterprise Server Search information disclosure🔒
127813Microsoft .NET Framework input validation [CVE-2018-8517]🔒
127812Microsoft Windows Remote Procedure Call information disclosure🔒
127811Microsoft Windows Kernel information disclosure [CVE-2018-8477]🔒
127810Microsoft Internet Explorer Scripting Engine memory corruption🔒
127809Microsoft PowerPoint memory corruption [CVE-2018-8628]🔒
127808Microsoft Internet Explorer VBScript Engine memory corruption🔒
127807Microsoft Internet Explorer VBScript memory corruption [CVE-2018-8619]🔒
127806Microsoft Outlook memory corruption [CVE-2018-8587]🔒
127805Microsoft Excel memory corruption [CVE-2018-8636]🔒
127804Microsoft Excel memory corruption [CVE-2018-8597]🔒
127803Microsoft Windows Text-To-Speech memory corruption [CVE-2018-8634]🔒
127802Microsoft Internet Explorer memory corruption [CVE-2018-8631]🔒
127801Microsoft Windows DNS Server memory corruption [CVE-2018-8626]🔒
127800Microsoft .NET Framework input validation [CVE-2018-8540]🔒
127799Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
127798Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
127797Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
127796Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
127795Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
127794Pippo JaxbEngine.java xml external entity reference
127793Evernote Attachment Preview path traversal [CVE-2018-20058]
127792D-Link DIR-605L/DIR-619L boa os command injection
127791D-Link DIR-605L/DIR-619L boa memory corruption
127790Signal Messenger Disappearing Messages information disclosure
127789Jooan JA-Q1H Wi-Fi Camera GetStreamUri data processing
127788Jooan JA-Q1H Wi-Fi Camera GetVideoEncoderConfigurationOptions data processing
127787NoMachine DokanFS nxfs.sys memory corruption
127786IBM WebSphere Application Server API httpServletRequest#authenticate information disclosure
127785IBM Curam Social Program Management code injection [CVE-2018-1671]
127784Nucleus CMS index.php input validation
127783BlackCat CMS cross site scripting [CVE-2018-16635]
127782AccuSoft PrizmDoc HTML5 Document Viewer XML Data xml external entity reference
127781Cloud Foundry Bits Service Signing Key information disclosure
127780Pivotal RabbitMQ Cookie 7pk security [CVE-2018-1279]
127779Groovy Plugin Sandbox SandboxTransformer.java privileges management
127778Script Security Plugin Sandbox SandboxTransformer.java privileges management
127777Jenkins CronTab.java access control🔒
127776Jenkins Logging User.java path traversal🔒
127775Jenkins DirectoryBrowserSupport.java information disclosure🔒
IDTitleNessusOpenVASSnortSuricataTippingPoint
127774Jenkins Stapler Web Framework MetaClass.java deserialization🔒
127773Qualcomm Snapdragon Mobile/Snapdragon Wear Trusted Application ID Generator integer overflow
127772S-Cms sql injection [CVE-2018-20018]
127771SEMCMS SEMCMS_Main.php cross site scripting
127770YzmCMS add.html cross-site request forgery
127769PHPCMF cross site scripting [CVE-2018-20012]
127768DomainMod category.php cross site scripting
127767DomainMod ssl-provider-account.php cross site scripting
127766DomainMod ssl-provider.php cross site scripting
127765PHPOK Stored cross site scripting [CVE-2018-20006]
127764Mini-XML mxml-search.c mxmlWalkNext use after free
127763Mini-XML mxml-file.c mxml_write_node memory corruption🔒
127762GNU binutils libbfd syms.c _bfd_generic_read_minisymbols resource management
127761libav apedec.c range_decode_culshift input validation
127760Apereo Bedework bw-webdav XML Data MethodBase.java xml external entity reference
127759VeryNginx Web Application Firewall 7pk security [CVE-2018-19991]
127758Sigma Design Z-Wave S0/Z-Wave S1/Z-Wave S2 random values [CVE-2018-19983]
127757KT MC01507L Z-Wave S0 HPKP certificate validation [CVE-2018-19982]
127756Hashicorp Consul Agent-to-Agent RPC Communication cryptographic issues
127755Anker Nebula Capsule Pro WifiService input validation [CVE-2018-19980]
127754Google Android ixheaacd_adts_crc_check.c ixheaacd_adts_crc_start_reg out-of-bounds write
127753Google Android impd_drc_static_payload.c impd_parametric_drc_parse_gain_set_params out-of-bounds write
127752Google Android impd_drc_static_payload.c impd_parse_parametric_drc_instructions out-of-bounds write
127751Google Android impd_drc_static_payload.c impd_parse_dwnmix_instructions out-of-bounds write
127750Google Android impd_drc_static_payload.c impd_parse_split_drc_characteristic out-of-bounds write
127749Google Android impd_drc_dynamic_payload.c impd_parse_filt_block out-of-bounds write
127748Google Android impd_drc_static_payload.c impd_drc_parse_coeff out-of-bounds write
127747Google Android impd_drc_dynamic_payload.c impd_parse_loud_eq_instructions out-of-bounds write
127746Google Android impd_drc_dynamic_payload.c impd_parse_drc_ext_v1 out-of-bounds write
127745Google Android impd_drc_gain_decoder.c impd_init_drc_decode_post_config out-of-bounds write
127744Google Android easelcomm_hw_build_scatterlist race condition
127743Google Android llcp_commands.c nfc_llcp_build_sdreq_tlv out-of-bounds write🔒
127742Google Android pppol2tp_connect use after free
127741ZTE ZXIN10 devcomm access control [CVE-2018-7364]
127740Aruba Access Point BLE Radio 7pk security [CVE-2018-7080]
127739Aruba ClearPass Policy Manager Guest Authorization authorization
127738Aruba ClearPass Policy Manager API improper authentication [CVE-2018-7067]
127737Aruba ClearPass Policy Manager OneConnect command injection [CVE-2018-7066]
127736Aruba ClearPass Policy Manager sql injection [CVE-2018-7065]
127735Aruba ClearPass API xml external entity reference [CVE-2018-7063]
127734LibRaw Incomplete Fix dcraw_common.cpp identify integer overflow🔒
127733LibRaw dcraw_common.cpp parse_qt integer overflow🔒
127732LibRaw dcraw.c parse_minolta resource consumption🔒
127731LibRaw dcraw_common.cpp nikon_coolscan_load_raw null pointer dereference🔒
127730LibRaw dcraw_common.cpp nikon_coolscan_load_raw out-of-bounds read🔒
127729LibRaw dcraw_common.cpp rollei_load_raw memory corruption🔒
127728LibRaw dcraw_common.cpp parse_exif memory corruption
127727LibRaw dcraw_common.cpp find_green memory corruption🔒
127726LibRaw dcraw_common.cpp samsung_load_raw out-of-bounds read🔒
127725LibRaw dcraw_common.cpp leaf_hdr_load_raw null pointer dereference🔒
127724LibRaw dcraw_common.cpp quicktake_100_load_raw memory corruption🔒
127723LibRaw dcraw_common.cpp identify divide by zero🔒
127722LibRaw dcraw_common.cpp kodak_radc_load_raw out-of-bounds read🔒🔒
127721LibRaw libraw_cxx.cpp unpack null pointer dereference🔒🔒
127720LibRaw dcraw_common.cpp kodak_ycbcr_load_raw memory corruption🔒🔒
127719Xen HLE Transaction input validation [CVE-2018-19967]🔒
127718Xen access control [CVE-2018-19966]🔒
127717Xen denial of service [CVE-2018-19965]🔒
127716Xen P2M Lock 7pk error [CVE-2018-19964]🔒
127715Xen x86 IOREQ Server resource management [CVE-2018-19963]🔒
127714Xen IOMMU Mapping access control [CVE-2018-19962]🔒
127713Xen TLB Flush access control [CVE-2018-19961]🔒
127712OnionShare web.py debug_mode input validation
127711IBM Marketing Platform XML Data xml external entity reference
127710Philips HealthSuite Health App inadequate encryption [CVE-2018-19001]
127709IBM Connections Host Header injection [CVE-2018-1896]
127708IBM MQ Console REST API denial of service [CVE-2018-1883]
127707Rockwell MicroLogix 1400 Controller CIP Connection Request IP Address missing authentication
127706Foreman cross site scripting [CVE-2018-16861]
127705IBM DataPower Gateways HSTS information disclosure [CVE-2018-1663]
127704GE Proficy Cimplicity GDS XML Data xml external entity reference
127703IBM Marketing Platform XML Data xml external entity reference
127702Google Android WLAN memory corruption [CVE-2018-11905]
127701LibRaw dcraw_common.cpp xtrans_interpolate out-of-bounds read🔒🔒
127700LibRaw dcraw_common.cpp panasonic_load_raw memory corruption🔒🔒
127699Google Android 802.11 Frame resource consumption [CVE-2017-15835]
127698Google Android Host Driver memory corruption [CVE-2017-14888]
127697Xiaomi Mi A2 Lite/RedMi6 Pro Goodix GT9xx Touchscreen Driver gt9xx.c gtp_read_Color null pointer dereference
127696PHP php_imap.c imap_mail null pointer dereference🔒
127695GNU binutils libbfd elf.c integer overflow
127694GNU binutils libbfd elfcode.h bfd_elf32_swap_phdr_in memory corruption
127693Google Android sock.c sk_clone_lock type conversion🔒
127692Google Android Verified Boot privileges management [CVE-2018-9567]
127691Google Android sdp_discovery.c process_service_search_rsp out-of-bounds read
127690Google Android xltdecwbxml.c readBytes out-of-bounds read
127689Google Android bta_ag_sdp.cc bta_ag_do_disc out-of-bounds read
127688Google Android Bluetooth Service hidd_api.cc HID_DevAddRecord out-of-bounds write
127687Google Android cryptfs.cpp persist_set_key out-of-bounds write
127686Google Android rw_t2t_ndef.cc rw_t2t_handle_tlv_detect out-of-bounds write
127685Google Android install.cpp really_install_package use after free
127684Google Android payload_metadata.cc ParsePayloadHeader out-of-bounds write
127683Google Android l2c_fcr.cc l2c_lcc_proc_pdu out-of-bounds write
127682Google Android IMediaExtractor.cp dumpExtractors information disclosure
127681Google Android mkvparser.cc Parse double free
127680Google Android ihevcd_sao.c ihevcd_sao_shift_ctb out-of-bounds write
127679Google Android Media Server aacdecoder.cpp CAacDecoder_Init out-of-bounds write
127678Google Android aacdecoder.cpp CAacDecoder_Init out-of-bounds write
127677Google Android lpp_tran.cpp lppTransposer out-of-bounds write
127676Google Android ContentProvider.java permission
127675Google Android GraphicBuffer.cpp input validation
127674Google Android v4l2_slice_video_decode_accelerator.cc Dequeue out-of-bounds read
127673McAfee True Key Microsoft Windows Client access control [CVE-2018-6757]
127672McAfee True Key Microsoft Windows Client access control [CVE-2018-6756]
127671McAfee True Key Microsoft Windows Client access control [CVE-2018-6755]
127670Zenitel Norway IP-StationWeb zForm_save_changes Stored cross site scripting
127669Zenitel Norway IP-StationWeb Reflected cross site scripting [CVE-2018-19926]
127668Sales / Company Management System member_order.php sql injection
127667Sales / Company Management System cross site scripting [CVE-2018-19924]
127666Sales / Company Management System cross-site request forgery
127665Actiontec C1000A Website Blocking Page advancedsetup_websiteblocking.html Persistent cross site scripting
127664Zoho ManageEngine OpManager Domain Controller cross site scripting
127663Pixelimity portfolio.php Persistent cross site scripting
127662DomainMod host.php cross site scripting
127661DomainMod dns.php cross site scripting
127660DomainMod registrar-accounts.php cross site scripting
127659FreeSWITCH mod_xml_rpc input validation [CVE-2018-19911]
127658MISP Import Event.php os command injection
127657QEMU Bluetooth Subsystem integer overflow [CVE-2018-19665]🔒
127656Moxa NPort W2x50A Web Server webSettingProfileSecurity os command injection
127655Moxa NPort W2x50A Web Server net_WebPingGetValue os command injection
127654IBM Connections Error Message information disclosure [CVE-2018-1935]
127653IBM Financial Transaction Manager for Digital Payments for Multi-Platform Web UI cross site scripting
127652Norton Password Manager cross site scripting [CVE-2018-18362]
127651Amazon Web Services FreeRTOS xProcessReceivedTCPPacket information disclosure
127650Amazon Web Services FreeRTOS DHCP Response information disclosure
127649Amazon Web Services FreeRTOS IP Header prvProcessIPPacket integer underflow
127648Amazon Web Services FreeRTOS ARP Packet eARPProcessPacket information disclosure
127647Amazon Web Services FreeRTOS NBNS Packet prvTreatNBNS information disclosure
127646Amazon Web Services FreeRTOS DNS Response prvParseDNSReply confused deputy
127645Amazon Web Services FreeRTOS TLS Connectivity GGD_SecureConnect_Connect input validation
127644Amazon Web Services FreeRTOS prvProcessICMPPacket information disclosure
127643Amazon Web Services FreeRTOS Protocol Checksum Generator prvProcessIPPacket memory corruption
127642Amazon Web Services FreeRTOS DNS LLMNR Packet prvParseDNSReply memory corruption
127641Amazon Web Services FreeRTOS TCP Options prvCheckOptions information disclosure
127640Amazon Web Services FreeRTOS prvCheckOptions divide by zero
127639Amazon Web Services FreeRTOS use after free [CVE-2018-16522]
127638F5 BIG-IP APM Client svpn race condition [CVE-2018-15332]
127637IBM i2 Enterprise Insight Analysis HSTS information disclosure
127636IBM i2 Enterprise Insight Analysis Web Page Storage information disclosure
127635IBM i2 Enterprise Insight Analysis input validation [CVE-2018-1504]
127634Apple iCloud WebKit memory corruption [CVE-2018-4438]🔒
127633Apple iCloud WebK it memory corruption [CVE-2018-4443]🔒
127632Apple iCloud WebK it memory corruption [CVE-2018-4442]🔒
127631Apple iCloud WebK it memory corruption [CVE-2018-4441]🔒
127630Apple iCloud WebKit memory corruption [CVE-2018-4464]🔒
127629Apple iCloud WebKit memory corruption [CVE-2018-4437]🔒
127628Apple iCloud Safari input validation [CVE-2018-4439]🔒
127627Apple iCloud Safari Address input validation🔒
127626Apple Safari WebKit memory corruption [CVE-2018-4438]🔒
127625Apple Safari WebKit memory corruption [CVE-2018-4443]🔒
127624Apple Safari WebKit memory corruption [CVE-2018-4442]🔒
127623Apple Safari WebKit memory corruption [CVE-2018-4441]🔒
127622Apple Safari WebKit memory corruption [CVE-2018-4464]🔒
127621Apple Safari WebKit memory corruption [CVE-2018-4437]🔒
127620Apple Safari information disclosure [CVE-2018-4445]🔒
127619Apple Safari input validation [CVE-2018-4439]🔒
127618Apple Safari Address input validation [CVE-2018-4440]🔒
127617Apple iTunes WebKit memory corruption [CVE-2018-4438]🔒
127616Apple iTunes WebKit memory corruption [CVE-2018-4443]🔒
127615Apple iTunes WebKit memory corruption [CVE-2018-4442]🔒
127614Apple iTunes WebKit memory corruption [CVE-2018-4441]🔒
127613Apple iTunes WebKit memory corruption [CVE-2018-4464]🔒
127612Apple iTunes WebKit memory corruption [CVE-2018-4437]🔒
127611Apple iTunes Safari input validation [CVE-2018-4439]🔒
127610Apple iTunes Safari Address input validation🔒
127609Apple macOS WindowServer memory corruption [CVE-2018-4450]🔒
127608Apple macOS WindowServer memory corruption [CVE-2018-4449]🔒
127607Apple macOS Kernel memory corruption [CVE-2018-4461]🔒
127606Apple macOS Kernel input validation [CVE-2018-4435]🔒
127605Apple macOS Kernel memory corruption [CVE-2018-4447]🔒
127604Apple macOS Kernel Memory information disclosure🔒
127603Apple macOS Kernel input validation [CVE-2018-4460]🔒
127602Apple macOS IOHIDFamily memory corruption [CVE-2018-4427]🔒
127601Apple macOS Intel Graphics Driver out-of-bounds read [CVE-2018-4434]🔒
127600Apple macOS Disk Images memory corruption [CVE-2018-4465]🔒
127599Apple macOS Carbon Core memory corruption [CVE-2018-4463]🔒
127598Apple macOS AMD Memory input validation🔒
127597Apple macOS Airport input validation [CVE-2018-4303]🔒
127596Apple tvOS WebKit memory corruption [CVE-2018-4464]🔒
127595Apple tvOS WebKit memory corruption [CVE-2018-4437]🔒
127594Apple tvOS WebKit memory corruption [CVE-2018-4438]🔒
127593Apple tvOS WebKit memory corruption [CVE-2018-4443]🔒
127592Apple tvOS WebKit memory corruption [CVE-2018-4442]🔒
127591Apple tvOS WebKit memory corruption [CVE-2018-4441]🔒
127590Apple tvOS Profiles certificate validation [CVE-2018-4436]🔒
127589Apple tvOS Kernel memory corruption [CVE-2018-4461]🔒
127588Apple tvOS Kernel memory corruption [CVE-2018-4447]🔒
127587Apple tvOS Kernel input validation [CVE-2018-4435]🔒
127586Apple tvOS Kernel Kernel Memory information disclosure🔒
127585Apple tvOS Kernel input validation [CVE-2018-4460]🔒
127584Apple tvOS Disk Images memory corruption [CVE-2018-4427]🔒
127583Apple tvOS Airport input validation [CVE-2018-4303]🔒
127582Apple iOS WebKit memory corruption [CVE-2018-4464]🔒
127581Apple iOS WebKit memory corruption [CVE-2018-4437]🔒
127580Apple iOS WebKit memory corruption [CVE-2018-4438]🔒
127579Apple iOS WebKit memory corruption [CVE-2018-4443]🔒
127578Apple iOS WebKit memory corruption [CVE-2018-4442]🔒
127577Apple iOS WebKit memory corruption [CVE-2018-4441]🔒
127576Apple iOS Safari information disclosure [CVE-2018-4445]🔒
127575Apple iOS Safari Address input validation🔒
127574Apple iOS Safari input validation [CVE-2018-4439]🔒
127573Apple iOS Profiles certificate validation [CVE-2018-4436]🔒
127572Apple iOS LinkPresentation input validation [CVE-2018-4429]
127571Apple iOS Kernel memory corruption [CVE-2018-4461]🔒
127570Apple iOS Kernel memory corruption [CVE-2018-4447]🔒
127569Apple iOS Kernel input validation [CVE-2018-4435]🔒
127568Apple iOS Kernel Kernel Memory information disclosure🔒
127567Apple iOS Kernel input validation [CVE-2018-4460]🔒
127566Apple iOS File Provider input validation [CVE-2018-4446]
127565Apple iOS FaceTime Contact information disclosure
127564Apple iOS Disk Images memory corruption [CVE-2018-4465]🔒
127563Apple iOS Airport input validation [CVE-2018-4303]🔒
127562Crafter CMS Template os command injection [CVE-2018-19907]
127561ThinkCMF ArticleController.class.php edit_post sql injection
127560ThinkCMF AdminbaseController.class.php listorders sql injection
127559ThinkCMF SlideController.class.php delete sql injection
127558ThinkCMF NavController.class.php edit_post sql injection
127557ThinkCMF CommentadminController.class.php check sql injection
127556PbootCMS SearchController.php sql injection
127555DomainMod add-server.php cross site scripting
127554Freeware Advanced Audio Coder huff2.c huffcode memory corruption
127553Freeware Advanced Audio Coder huff2.c huffcode memory corruption
127552Freeware Advanced Audio Coder huff2.c huffcode memory corruption
127551Freeware Advanced Audio Coder huff2.c huffcode memory corruption
127550Freeware Advanced Audio Coder huff2.c huffcode memory corruption
127549Freeware Advanced Audio Coder huff2.c huffcode memory corruption
127548Artifex MuPDF svg-run.c svg_run_image null pointer dereference
127547Artifex MuPDF svg-run.c fz_xml_att resource consumption
127546Adiscon LogAnalyzer Login Button Referer Field login.php cross site scripting
127545Cairo cairo-ft-font.c cairo_ft_apply_variations use after free🔒
127544Qt Virtual Keyboard log file [CVE-2018-19865]
127543NUUO NVRmini2 Network Video Recorder input validation [CVE-2018-19864]
127542OpenRefine path traversal [CVE-2018-19859]
127541VideoLAN VLC Media Player CAF Demuxer caf.c ReadKukiChunk uninitialized pointer🔒
127540Tarantella Enterprise Access Control access control [CVE-2018-19754]
127539Tarantella Enterprise path traversal [CVE-2018-19753]
127538Antiy AVL ATool Security Management Kernel Driver IRPFile.sys memory corruption
127537ARM mbed TLS RSA Decryption cryptographic issues [CVE-2018-19608]🔒
127536IBM Campaign access control [CVE-2018-1941]
127535IBM QRadar SIEM information disclosure [CVE-2018-1732]
127534IBM QRadar SIEM XML Data xml external entity reference [CVE-2018-1730]
127533IBM QRadar SIEM Web UI cross site scripting [CVE-2018-1728]
127532IBM Maximo Asset Management Username information disclosure [CVE-2018-1697]
127531Solarwinds SFTP SCP Server Configuration File xml external entity reference
127530Solarwinds SFTP SCP Server Configuration File Password credentials management
127529IBM QRadar SIEM hard-coded credentials [CVE-2018-1650]
127528IBM QRadar SIEM inadequate encryption [CVE-2018-1648]
127527Cloud Foundry NFS Volume Log Credentials credentials management
127526Dell Encryption Folder Access information disclosure [CVE-2018-15773]
127525IBM QRadar SIEM Web Pages information disclosure [CVE-2018-1568]
127524Intel IPP Cryptographic Library information disclosure [CVE-2018-12155]
127523Minikube Kubernetes Dashboard cross-site request forgery [CVE-2018-1002103]
127522Kubernetes Volume Mount command injection [CVE-2018-1002101]
127521IBM QRadar SIEM Certificate Validation certificate validation
127520BMC Remedy Action Request System improper authentication [CVE-2018-19505]
127519Data Ontap 7-Mode information disclosure [CVE-2018-5496]
127518Hashicorp Vault Server Log log file [CVE-2018-19786]
127517CX-One CX-Programmer/CX-Server memory corruption [CVE-2018-18993]
127516SCADA Webserver Reflected cross site scripting [CVE-2018-18991]
127515CX-One CX-Programmer/CX-Server Project File use after free [CVE-2018-18989]
127514GitLab Enterprise Edition Kubernetes server-side request forgery🔒
127513GitLab Community Edition/Enterprise Edition Error Message information disclosure🔒
127512GitLab Community Edition/Enterprise Edition Authorization improper authorization🔒
127511GitLab Community Edition/Enterprise Edition server-side request forgery🔒
127510GitLab Community Edition/Enterprise Edition Email Reply information disclosure🔒
127509GitLab Community Edition/Enterprise Edition Prometheus information disclosure🔒
127508GitLab Community Edition/Enterprise Edition cross site scripting🔒
127507GitLab Community Edition/Enterprise Edition credentials management🔒
127506GitLab Community Edition/Enterprise Edition Bowser Cache information disclosure🔒
127505GitLab Community Edition Epic Change Description information disclosure🔒
127504GitLab Community Edition GFM Markdown API information disclosure🔒
127503GitLab Community Edition/Enterprise Edition JSON Endpoint information disclosure🔒
127502FreeBSD bhyve input validation [CVE-2018-17160]
127501Red Hat OpenShift Container Platform 3 7pk error [CVE-2018-1002105]🔒
127500Huawei P20 out-of-bounds write [CVE-2018-7987]
127499Huawei VIP App Brute Force improper authentication [CVE-2018-7956]
127498VMware ESXi vmxnet3 Virtual Network Adapter information disclosure🔒
127497VMware ESXi/Workstation/Fusion vmxnet3 Virtual Network Adapter memory corruption🔒
127496Google Chrome File Download Page.downloadBehavior unrestricted upload🔒
127495Google Chrome WebAssembly null pointer dereference [CVE-2018-6116]🔒🔒
127494Google Chrome File Download Malware input validation🔒🔒
127493Google Chrome URL Formatter Domain Name data processing🔒🔒
127492Google Chrome URL Formatter Domain Name data processing🔒🔒
127491Google Chrome Omnibox Domain Name data processing🔒🔒
127490Google Chrome URL Formatter data processing [CVE-2018-6104]🔒🔒
127489Google Chrome Prompts Policy input validation🔒🔒
127488Google Chrome Omnibox URL input validation🔒🔒
127487Google Chrome DevTools input validation [CVE-2018-6101]🔒🔒
127486Google Chrome Blink information disclosure [CVE-2018-6099]🔒🔒
127485Google Chrome URL Formatter Domain Name data processing🔒🔒
127484Google Chrome Blink information disclosure [CVE-2018-6095]🔒🔒
127483Google Chrome GarbageCollection memory corruption [CVE-2018-6094]🔒🔒
127482Google Chrome WebAssembly integer overflow [CVE-2018-6092]🔒🔒
127481Google Chrome Skia integer overflow [CVE-2018-6090]🔒🔒
127480Google Chrome Service Worker input validation [CVE-2018-6089]🔒🔒
127479Google Chrome PDFium input validation [CVE-2018-6088]🔒🔒
127478Google Chrome WebAssembly use after free [CVE-2018-6087]🔒🔒
127477Google Chrome Networking Disk Cache use after free [CVE-2018-6086]🔒🔒
127476Google Chrome Networking Disk Cache input validation [CVE-2018-6085]🔒🔒
127475Linux Kernel Crypto User Configuration API crypto_user.c crypto_report_one information disclosure🔒
127474hitshop add privileges management
127473YzmCMS search.html cross site scripting
127472radare2 asm_x86_nz.c opmov out-of-bounds read
127471radare2 asm_x86_nz.c gettoken out-of-bounds read
127470Wavpack open_utils.c WavpackVerifySingleBlock out-of-bounds read
127469Wavpack pack_utils.c WavpackPackInit resource consumption
127468LibSass sass_context.cpp handle_error out-of-bounds read
127467LibSass ast.cpp clone resource consumption
127466LibSass Parser eval.cpp Binary_Expression*) resource consumption
127465GNU C Library getaddrinfo input validation🔒
127464FreeBSD NFS Server resource consumption [CVE-2018-17159]🔒
127463FreeBSD NFS Server integer overflow [CVE-2018-17158]🔒
127462FreeBSD NFS Server integer overflow [CVE-2018-17157]🔒
127461Pluck cross-site request forgery [CVE-2018-16634]
127460Pluck cross site scripting [CVE-2018-16633]
127459Intelliants Subrion CMS cross site scripting [CVE-2018-16631]
127458Intelliants Subrion CMS #elf_l1_XA cross site scripting
127457Kirby Blog Name cross site scripting [CVE-2018-16628]
127456simplehttpserver path traversal [CVE-2018-16478]
127455ASUSTOR ADM Login Page 7pk security [CVE-2018-12319]
127454ASUSTOR ADM SNMP Settings Page Password credentials management
127453ASUSTOR ADM POST Parameter group.cgi os command injection
127452ASUSTOR ADM upload.cgi os command injection
127451ASUSTOR ADM Password Verification Change credentials management
127450ASUSTOR ADM URL downloadwallpaper.cgi path traversal
127449ASUSTOR ADM URL snmp.cgi input validation🔒
127448ASUSTOR ADM user.cgi os command injection
127447ASUSTOR ADM File Explorer cross site scripting [CVE-2018-12311]
127446ASUSTOR ADM System Announcement cross site scripting [CVE-2018-12310]
127445ASUSTOR ADM upload.cgi path traversal
127444ASUSTOR ADM share.cgi Key information disclosure
127443ASUSTOR ADM user.cgi os command injection
127442ASUSTOR ADM URL path traversal [CVE-2018-12306]
127441ASUSTOR ADM SVG Image Embedded cross site scripting
127440YunoHost Profile Page cross site scripting [CVE-2018-11348]
127439YunoHost Header Injection response splitting [CVE-2018-11347]
127438Cisco Energy Management Suite PostgreSQL Database hard-coded credentials
127437HPE Intelligent Management Center dbman input validation [CVE-2018-7116]🔒
127436HPE Intelligent Management Center dbman.exe memory corruption🔒
127435HPE Intelligent Management Center dbman memory corruption [CVE-2018-7114]🔒
127434HPE Integrated Lights-Out 5 Firmware Update 7pk security [CVE-2018-7113]
127433Brocade Fabric OS Proxy Service privileges management [CVE-2018-6440]
127432Brocade Fabric OS Command Line Interface access control [CVE-2018-6439]
127431HHVM Proxygen data processing [CVE-2018-6332]
127430Netgate pfSense command injection [CVE-2018-4021]
127429Netgate pfSense command injection [CVE-2018-4020]
127428Netgate pfSense command injection [CVE-2018-4019]
127427Quicken Deluxe 2018 Password Protection input validation [CVE-2018-3854]
127426MetInfo HTTP Header applogin.php response splitting
127425MetInfo move.php Reflected cross site scripting
127424LibSass SharedPtr.cpp SharedPtr use after free
127423LibSass inspect.cpp String_Quoted*) resource consumption
127422Linux Kernel ALSA Driver card.c use after free🔒
127421LibSass SharedPtr.hpp populate_extends null pointer dereference
127420Ninja Forms Plugin step-processing.php redirect [CVE-2018-19796]
127419ChipsBank UMPTool Password Storage insufficiently protected credentials
127418Internet2 Grouper UiV2Public.index cross site scripting
127417jiacrontab command injection [CVE-2018-19793]
127416LiteSpeed OpenLiteSpeed Server getServerRootFromExecutablePath memory corruption
127415LiteSpeed OpenLiteSpeed Byte Sequence input validation [CVE-2018-19791]
127414PolicyKit UID input validation [CVE-2018-19788]🔒
127413IBM WebSphere Application Server Security Domain access control
127412Nettle PKCS #1 Bleichenbacher cryptographic issues🔒
127411GnuTLS PKCS #1 Bleichenbacher cryptographic issues🔒
127410Red Hat Enterprise Linux Incomplete Fix CVE-2018-16509 os command injection🔒
127409PowerDNS Recursor out-of-bounds read [CVE-2018-16855]🔒
127408Drobo 5N2 NAS Dashboard API improper authentication [CVE-2018-14709]
127407Drobo 5N2 NAS Dashboard API improper authentication [CVE-2018-14708]
127406Drobo 5N2 NAS Pix Web Application path traversal [CVE-2018-14707]
127405Drobo 5N2 NAS demo command injection
127404Drobo 5N2 NAS MySQL API Error Page cross site scripting [CVE-2018-14704]
127403Drobo 5N2 NAS data Password access control
127402Drobo 5N2 NAS Access Control drobo.php information disclosure
127401Drobo 5N2 NAS delete_user command injection
127400Drobo 5N2 NAS Access Control logfile.php Log log file
127399Drobo 5N2 NAS enable_user command injection
127398Drobo 5N2 NAS delete_user cross site scripting
127397Drobo 5N2 NAS enable_user cross site scripting
127396Drobo 5N2 NAS Access Control drobo.php information disclosure
127395Drobo 5N2 NAS Access Control diags.php Diagnostic information disclosure
127394Arigato Autoresponder/Newsletter unsubscribe.html.php Reflected cross site scripting
127393Arigato Autoresponder/Newsletter list-user.html.php Reflected cross site scripting
127392Arigato Autoresponder/Newsletter integration-contact-form.html.php Reflected cross site scripting
127391Arigato Autoresponder/Newsletter integration-contact-form.html.php cross site scripting
127390Arigato Autoresponder/Newsletter bft_list.html.php cross site scripting
127389Arigato Autoresponder/Newsletter Reflected cross site scripting
127388Arigato Autoresponder/Newsletter Reflected cross site scripting
127387Arigato Autoresponder/Newsletter Reflected cross site scripting
127386Arigato Autoresponder/Newsletter Reflected cross site scripting
127385Arigato Autoresponder/Newsletter Blind sql injection [CVE-2018-1002000]
127384Perl Regex regcomp.c S_regatom memory corruption🔒
127383Perl Regex regcomp.c S_grok_bslash_N out-of-bounds read🔒
127382Perl Regex regcomp.c S_regatom memory corruption🔒
127381Perl Perl_my_setenv memory corruption🔒
127380lxml javascript URL clean.py cross site scripting🔒
127379Atlantis Word Processor Rich Text Format Parser uninitialized pointer
127378Atlantis Word Processor PNG out-of-bounds write [CVE-2018-4039]
127377Atlantis Word Processor Open Document Parser write-what-where condition
127376LXCI for VMware File Download input validation [CVE-2018-9072]
127375Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server cross-site request forgery
127374Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server response splitting
127373Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server password recovery
127372Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server cross site scripting
127371Modicon M340/Premium/Quantum PLCs/BMXNOR0200 Embedded Web Server password recovery
127370StruxureWare Data Center Expert File Upload path traversal [CVE-2018-7807]
127369StruxureWare Data Center Operation File Upload path traversal
127368TP-LINK TL-R600VPN HTTP Server header-parsing memory corruption
127367TP-LINK TL-R600VPN HTTP Server memory corruption [CVE-2018-3950]
127366TP-LINK TL-R600VPN HTTP Server path traversal [CVE-2018-3949]
127365TP-LINK TL-R600VPN Management Portal input validation [CVE-2018-3948]
127364PHP-Proxy index.php cross site scripting
127363PHP-Proxy helpers.php str_rot_pass cryptographic issues
127362Budabot Lax Syntax Validator calc.php command injection
127361IBM StoredIQ access control [CVE-2018-1928]
127360IBM StoredIQ cross-site request forgery [CVE-2018-1927]
127359VT-Designer deserialization [CVE-2018-18987]
127358VT-Designer memory corruption [CVE-2018-18983]
127357IBM DB2 db2pdcfg memory corruption [CVE-2018-1897]
127356SwitchVPN Client access control [CVE-2018-18860]
127355Active Storage access control [CVE-2018-16477]
127354Active Job Access Control input validation [CVE-2018-16476]🔒
127353LXCI for VMware/LXCI for Microsoft System Center File Upload unrestricted upload
127352LXCI for VMware File Upload unrestricted upload [CVE-2018-16093]
127351Google Android Permission permission [CVE-2018-15835]
127350Dell OpenManage Network Manager MySQL access control [CVE-2018-15768]
127349Dell Network Manager Authorization sudoers improper authorization
127348NUUO NVRMini2 upgrade_handle.php os command injection🔒
127347Zoom Client Message input validation [CVE-2018-15715]🔒
127346KeyCloak SAML Broker Endpoint improper authentication [CVE-2018-14637]🔒
127345QNAP QTS cross site scripting [CVE-2018-0716]
127344Artifex MuPDF svg-device.c svg_dev_end_tile resource consumption
127343Mini-XML memory leak [CVE-2018-19764]
127342libsixel writer.c write_png_to_file out-of-bounds read
127341libsixel fromsixel.c image_buffer_resize memory corruption
127340libsixel fromsixel.c sixel_decode_raw_impl out-of-bounds read
127339libConfuse confuse.c cfg_init resource management
127338libsixel stb_image_write.h stbi_write_png_to_mem out-of-bounds read
127337libsndfile wav.c wav_write_header out-of-bounds read🔒
127336libsixel status.c sixel_helper_set_additional_message null pointer dereference
127335libsixel stb_image.h stbi__tga_load out-of-bounds read
127334Netwide Assembler Array Access preproc.c input validation
127333FreeRDP NTLM Authentication out-of-bounds read [CVE-2018-8789]🔒
127332FreeRDP nsc_rle_decode out-of-bounds write🔒
127331FreeRDP gdi_Bitmap_Decompress integer overflow🔒
127330FreeRDP update_read_bitmap_update memory corruption🔒
127329FreeRDP zgfx_decompress memory corruption🔒
127328FreeRDP zgfx_decompress_segment memory corruption🔒
127327DomainMod Registrar registrar.php cross site scripting
127326DomainMod Custom SSL Field add.php cross site scripting
127325DomainMod Custom Domain cross site scripting [CVE-2018-19750]
127324DomainMod account-owner.php cross site scripting
127323SDcms Base64 Encoding admincontroller.php path traversal
127322tp5cms set.html cross site scripting
127321tp5cms picture.html unrestricted upload
127320OSSEC path traversal [CVE-2018-19666]
127319libjpeg-turbo wrbmp.c put_pixel_rows memory corruption🔒
127318libsndfile alaw.c i2alaw_array memory corruption🔒
127317libsndfile ulaw.c i2ulaw_array memory corruption🔒
127316dcraw Products find_green memory corruption
127315SCMS access control [CVE-2018-19654]
127314Wireshark ZigBee ZCL Dissector packet-zbee-zcl-lighting.c divide by zero🔒
127313Wireshark IxVeriWave File Parser vwr.c out-of-bounds read🔒
127312Wireshark DCOM Dissector packet-dcom.c memory corruption🔒
127311Wireshark Dissection Engine tvbuff_composite.c out-of-bounds read🔒
127310Wireshark PVFS Dissector packet-pvfs2.c null pointer dereference🔒
127309Wireshark LBMPDM Dissector packet-lbmpdm.c numeric error🔒
127308Wireshark MMSE Dissector packet-mmse.c resource consumption🔒
127307i4 Assistant iOS Setting cross site scripting [CVE-2018-19527]
127306The Sleuth Kit hfs.c hfs_cat_traverse out-of-bounds read🔒
127305KDE Applications HTML Thumbnailer Plugin information disclosure🔒
127304GitLab Community Edition/Enterprise Edition Wiki API input validation🔒
127303Advanced Comment System admin.php sql injection
127302IBM Rational Collaborative Lifecycle Management Web UI cross site scripting
127301Ansible Playbooks Log Credentials log file🔒
127300Adobe Photoshop CC out-of-bounds read [CVE-2018-15980]🔒
127299Adobe Acrobat Reader NTLM SSO Hash information disclosure [CVE-2018-15979]🔒
127298Adobe Flash Player out-of-bounds read [CVE-2018-15978]🔒
127297OCS Inventory NG File Upload unrestricted upload [CVE-2018-15537]
127296PowerDNS Authoritative Server/Recursor Cache data processing🔒
127295Symantec Endpoint Protection DLL Loader untrusted search path🔒
127294Symantec Endpoint Protection Detection Engine 7pk security [CVE-2018-12239]🔒
127293Symantec Endpoint Protection Detection Engine 7pk security [CVE-2018-12238]🔒
127292Pulse Secure Desktop Client Permission uncontrolled search path
127291PowerDNS Authoritative Server/PowerDNS Recursor resource management🔒
127290Qualcomm Snapdragon Automobile DRM memory corruption [CVE-2018-5918]
127289Qualcomm Snapdragon Automobile/Snapdragon Mobile OEM Crypto memory corruption
127288Qualcomm Snapdragon Automobile PDP Decoder out-of-bounds read
127287Qualcomm Snapdragon Automobile/Snapdragon Mobile Video memory corruption
127286Qualcomm Snapdragon Automobile Device Programmer memory corruption
127285Qualcomm Snapdragon Mobile Service Image Loader memory corruption
127284Rapid7 Komand API information disclosure [CVE-2018-5559]
127283Interspire Email Marketer remote.php server-side request forgery
127282Imperva SecureSphere Python CGI Script os command injection [CVE-2018-19646]
127281OpenWrt/LEDE uhttpd cgi_handle_request Reflected cross site scripting
127280ShowDoc cross-site request forgery [CVE-2018-19621]
127279ShowDoc access control [CVE-2018-19620]
127278Yoast SEO Plugin ZIP Import class-import-settings.php race condition
127277Subaru StarLink Harman Head Unit Firmware Persistent signature verification
127276Teledyne DALSA Sherlock memory corruption [CVE-2018-17930]
127275FreeBSD ICMP Reply out-of-bounds write [CVE-2018-17156]
127274Samba AD DC Configuration security check for standard [CVE-2018-16857]🔒
127273Samba Kerberos resource consumption [CVE-2018-16853]🔒
127272Samba DNS Zone null pointer dereference [CVE-2018-16852]🔒
127271Samba LDAP Service null pointer dereference [CVE-2018-16851]🔒
127270Samba Smart-Card Authentication talloc_free double free🔒
127269IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1584]
127268Cisco Prime License Manager Web Framework sql injection [CVE-2018-15441]
127267QNAP QTS memory corruption [CVE-2018-14749]
127266QNAP QTS improper authorization [CVE-2018-14748]
127265QNAP QTS Media Server null pointer dereference [CVE-2018-14747]
127264QNAP QTS command injection [CVE-2018-14746]
127263Samba LDAP Server resource consumption [CVE-2018-14629]🔒
127262Node.js javascript URL url.parse input validation🔒
127261Node.js HTTP Header Slowloris resource consumption🔒
127260Node.js HTTP Header resource consumption [CVE-2018-12121]🔒
127259Node.js Debugger 7pk security [CVE-2018-12120]🔒
127258Node.js HTTP Request request smuggling [CVE-2018-12116]🔒
127257Qualcomm Snapdragon Automobile Device Programmer array index
127256Qualcomm Snapdragon Automobile SMMU Secure Camera access control
127255Qualcomm Snapdragon Automobile SUI Display 7pk error [CVE-2018-11921]
127254Qualcomm Snapdragon Automobile Ontario Fingerprint memory corruption
127253Qualcomm Snapdragon Automobile/Snapdragon Mobile CRL Validation input validation
127252Qualcomm Snapdragon Automobile/Snapdragon Mobile Modem input validation
127251Qualcomm Snapdragon Automobile Ontario Kernel Driver Kernel Memory access control
127250Qualcomm Snapdragon Mobile ASN.1 Parser out-of-bounds read [CVE-2017-18315]
127249Lenovo Software Update 7pk security [CVE-2018-9084]
127248Lenovo System Management Module credentials management [CVE-2018-9083]
127247Huawei Smartphone Factory Reset Protection authorization [CVE-2018-7988]
127246Huawei Product Communication information disclosure [CVE-2018-7977]
127245Huawei Smart Phone SMS Verification Code information disclosure
127244Huawei eSpace SRTP cryptographic issues [CVE-2018-7960]
127243Huawei eSpace SRTP information disclosure [CVE-2018-7959]
127242Huawei eSpace TLS improper authentication [CVE-2018-7958]
127241Huawei Smartphone Configuration information disclosure [CVE-2018-7946]
127240VMware Workstation/Fusion Virtual Network Device integer overflow🔒
127239NVIDIA GeForce Experience information disclosure [CVE-2018-6266]
127238NVIDIA GeForce Experience Application Installation access control
127237NVIDIA GeForce Experience DLL Loader access control [CVE-2018-6263]
127236Google Android WLAN Host Driver use after free [CVE-2018-5919]
127235Google Android Linux Kernel memory corruption [CVE-2018-5910]
127234Google Android Display memory corruption [CVE-2018-5909]
127233Google Android Display memory corruption [CVE-2018-5908]
127232Google Android debugfs memory corruption [CVE-2018-5906]
127231Google Android LPM Status Driver use after free [CVE-2018-5904]
127230Google Android Linux Kernel type conversion [CVE-2018-5861]
127229Google Android Audio use after free [CVE-2018-5856]
127228ShowDoc information disclosure [CVE-2018-19609]
127227Exiv2 easyaccess.cpp isoSpeed null pointer dereference
127226PbootCMS code injection [CVE-2018-19595]
127225Cesanta Mongoose mongoose.c mg_mqtt_add_session memory corruption
127224NUOO CMS Web Server sql injection [CVE-2018-18982]
127223openSUSE Linux Enterprise PAM 1.3.0 data processing [CVE-2018-17953]🔒
127222NUUO CMS File Upload unrestricted upload [CVE-2018-17936]
127221NUUO CMS path traversal [CVE-2018-17934]
127220Umbraco CMS Content Header Name Persistent cross site scripting
127219Xiaomi Mi Router 3 URL Parameter command injection [CVE-2018-16130]
127218Lenovo System Management Module Web Interface cross site scripting
127217Lenovo System Management Module Debug Log Password debug log file
127216Lenovo System Management Module memory corruption [CVE-2018-16094]
127215Lenovo System Management Module FFDC credentials management [CVE-2018-16092]
127214Lenovo System Management Module SMM Certificate memory corruption
127213Lenovo System Management Module SMM Certificate command injection
127212Lenovo System Management Module SMM Firmware command injection
127211ZyXEL NSA325 V2 zyshclient command injection [CVE-2018-14893]
127210ZyXEL NSA325 V2 Web Application cross-site request forgery [CVE-2018-14892]
127209TerraMaster TOS ajaxdata.php command injection
127208Fortinet FortiOS Web Pages resource management [CVE-2018-13376]🔒
127207Master TerraMaster TOS usertable.php User input validation
127206TerraMaster TOS Text Editor cross site scripting [CVE-2018-13360]
127205TerraMaster TOS usertable.php cross-site request forgery
127204TerraMaster TOS ajaxdata.php command injection
127203TerraMaster TOS Shared Folders cross site scripting [CVE-2018-13357]
127202TerraMaster TOS Access Control ajaxdata.php access control
127201TerraMaster TOS Shared Folders access control [CVE-2018-13355]
127200TerraMaster TOS logtable.php command injection
127199TerraMaster TOS ajaxdata.php command injection
127198TerraMaster TOS Web Application Session Token information disclosure
127197TerraMaster TOS Control Panel cross site scripting [CVE-2018-13351]
127196TerraMaster TOS logtable.php sql injection
127195TerraMaster TOS Web Application Taskbar cross site scripting
127194TerraMaster TOS ajaxdata.php command injection
127193TerraMaster TOS session fixiation [CVE-2018-13337]
127192TerraMaster TOS ajaxdata.php command injection
127191TerraMaster TOS Shared Folders cross site scripting [CVE-2018-13335]
127190TerraMaster TOS handle.php cross site scripting
127189TerraMaster TOS File Manager cross site scripting [CVE-2018-13333]
127188TerraMaster TOS URL path traversal [CVE-2018-13332]
127187TerraMaster TOS Control Panel cross site scripting [CVE-2018-13331]
127186TerraMaster TOS ajaxdata.php command injection
127185TerraMaster TOS URL ajaxdata.php cross site scripting
127184TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13316]
127183TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13314]
127182TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13307]
127181TOTOLINK A3002RU POST Parameter command injection [CVE-2018-13306]
127180Xiaomi Mi Router 3 URL command injection [CVE-2018-13023]
127179Xiaomi Mi Router 3 API 404 Page cross site scripting [CVE-2018-13022]
127178Symantec Security Analytics Web UI Reflected cross site scripting
127177Google Android Linux Kernel memory corruption [CVE-2018-11995]
127176Google Android Linux Kernel access control [CVE-2018-11956]
127175Google Android UPnP Daemon improper authorization [CVE-2018-11946]
127174Google Android Fastboot resource management [CVE-2018-11943]
127173Google Android SOC Infrastructure memory corruption [CVE-2018-11919]
127172Google Android Linux Kernel probe double free
127171Google Android Access Control access control [CVE-2018-11914]
127170Google Android Configuration access control [CVE-2018-11913]
127169Google Android Configuration access control [CVE-2018-11912]
127168Google Android Configuration access control [CVE-2018-11911]
127167Google Android Access Control access control [CVE-2018-11910]
127166Google Android Access Control access control [CVE-2018-11909]
127165Google Android Access Control access control [CVE-2018-11908]
127164Google Android Access Control access control [CVE-2018-11907]
127163Google Android ADB/debug-fs access control [CVE-2018-11906]
127162Google Android Driver Probe double free [CVE-2018-11823]
127161Apache Hadoop Incomplete Fix CVE-2016-6811 access control [CVE-2018-11766]🔒
127160Google Android DCI Client Entry input validation [CVE-2018-11266]
127159Google Android Media Codec use after free [CVE-2018-11261]
127158Google Android Linux Kernel integer overflow [CVE-2018-11260]
127157Expedition Migration Tool information disclosure [CVE-2018-10142]
127156QNAP QTS memory corruption [CVE-2018-0721]
127155QNAP QTS cross site scripting [CVE-2018-0719]
127154Google Android out-of-bounds read [CVE-2017-11078]
127153dcraw kodak_radc_load_raw memory corruption
127152dcraw parse_tiff_ifd memory corruption
127151dcraw parse_tiff_ifd out-of-bounds read
127150dcraw crop_masked_pixels out-of-bounds read
127149Easy Testimonials Plugin post.php Stored cross site scripting
127148PHPOK unrestricted upload [CVE-2018-19562]
127147sikcms cross-site request forgery [CVE-2018-19561]
127146BageCMS cross-site request forgery [CVE-2018-19560]
127145CuppaCMS functions.php sql injection
127144arcms newslist sql injection
127143arcms main sql injection
127142Z-BlogPHP input validation [CVE-2018-19556]
127141tp4a Teleport do-reset-password cross-site request forgery
127140dotCMS image_tool.jsp cross site scripting
127139Interspire Email Marketer Dynamiccontenttags.php sql injection
127138Interspire Email Marketer Dynamiccontenttags.php sql injection
127137Interspire Email Marketer Dynamiccontenttags.php sql injection
127136Interspire Email Marketer File Upload surveys_submit.php unrestricted upload
127135Interspire Email Marketer Dynamiccontenttags.php sql injection
127134EduSec credentials management [CVE-2018-19548]
127133JTBC(PHP) cross site scripting [CVE-2018-19547]
127132JTBC(PHP) cross-site request forgery [CVE-2018-19546]
127131JEECMS admin/ save cross-site request forgery
127130JEECMS save cross-site request forgery
127129IBM WebSphere Application Server XML Data xml external entity reference🔒
127128TIBCO Statistica Server cross site scripting [CVE-2018-18807]
127127Linux Kernel cleancache Subsystem information disclosure [CVE-2018-16862]🔒
127126PowerDNS dnsdist input validation [CVE-2018-14663]🔒
127125Linux Kernel af_netlink.c __netlink_ns_capable null pointer dereference🔒
127124Buffalo TS5600D1206 nasapi access control [CVE-2018-13324]
127123Buffalo TS5600D1206 Cookie detail.html cross site scripting
127122Buffalo TS5600D1206 list_folders path traversal
127121Buffalo TS5600D1206 nasapi access control [CVE-2018-13321]
127120Buffalo TS5600D1206 command injection [CVE-2018-13320]
127119Buffalo Control Access Control information disclosure [CVE-2018-13319]
127118Buffalo TS5600D1206 User.create command injection
127117TOTOLINK A3002RU password.htm Password cross site scripting
127116TOTOLINK A3002RU Access Control formPasswordSetup input validation
127115TOTOLINK A3002RU notice_gen.htm cross site scripting
127114TOTOLINK A3002RU Post command injection [CVE-2018-13311]
127113TOTOLINK A3002RU password.htm cross site scripting
127112TOTOLINK A3002RU password.htm cross site scripting
127111TOTOLINK A3002RU notice_gen.htm cross site scripting
127110IBM Integration Bus File Permission permission [CVE-2017-1418]🔒
127109Jasper jp2_dec.c jp2_decode memory corruption
127108Jasper jp2_dec.c jp2_decode null pointer dereference🔒
127107Jasper jas_image.c jas_image_depalettize out-of-bounds read🔒
127106Jasper jas_icc.c jas_icctxtdesc_input memory corruption🔒
127105Jasper jas_image.c jas_image_readcmpt access control🔒
127104TP-LINK Archer C5 Configuration File unrestricted upload [CVE-2018-19537]
127103Exiv2 PNG File pngchunk_int.cpp readRawProfile memory corruption
127102PoDoFo pdftranslator.cpp setTarget null pointer dereference🔒
127101HTTL decodeXml input validation
127100HTTL decodeXml input validation
127099TP-LINK TL-WR886N Tlb Loader memory corruption [CVE-2018-19528]
127098SDcms themecontroller.php check_bad code injection
127097tcpdump print-hncp.c print_prefix out-of-bounds read🔒
127096University of Washington IMAP Toolkit rsh Command imap4r1.c imap_open os command injection🔒
127095sysstat sa_common.c remap_struct out-of-bounds read
127094Moodle cross-site request forgery [CVE-2018-16854]🔒
127093VMware vSphere Data Protection os command injection [CVE-2018-11077]🔒
127092VMware vSphere Data Protection Java Management Client Private Key information disclosure🔒
127091VMware vSphere Data Protection URL redirect [CVE-2018-11067]🔒
127090VMware vSphere Data Protection command injection [CVE-2018-11066]🔒
127089Freeware Advanced Audio Decoder filtbank.c ifilter_bank out-of-bounds read
127088Freeware Advanced Audio Decoder sbr_hfadj.c calculate_gain memory corruption
127087Freeware Advanced Audio Decoder syntax.c excluded_channels memory corruption
127086Vanilla Gdn_Format input validation
127085Gnuplot cairo.trm cairotrm_options memory corruption🔒
127084Gnuplot post.trm PS_options memory corruption🔒
127083Gnuplot datafile.c df_generate_ascii_array_entry memory corruption🔒
127082Git run-command.c run_command untrusted search path🔒
127081Artifex Ghostscript Access Restriction zfjbig2.c type conversion🔒
127080Artifex Ghostscript Access Restriction zicc.c type conversion🔒
127079Artifex Ghostscript Access Restriction zdevice2.c 7pk security🔒
127078ArticleCMS update_personal_infomation cross site scripting
127077HuCart helper_class.php get_ip sql injection
127076Discuz! admin.php cross site scripting
127075Z-BlogPHP upload.php code injection [CVE-2018-19463]
127074Adult Filter Black Domain List File memory corruption [CVE-2018-19459]
127073PHP Proxy improper authentication [CVE-2018-19458]
127072Logicspice FAQ Script faqimages unrestricted upload
127071Tryton Client bus.py session fixiation🔒
127070UCMS credentials management [CVE-2018-19437]
127069webERP CollectiveWorkOrderCost.php sql injection
127068webERP SalesInquiry.php sql injection
127067webERP General Ledger BankMatching.php sql injection
127066ShowDoc database.php cross site scripting
127065libsndfile sndfile.c sf_write_int null pointer dereference🔒
127064Adobe Flash Player type conversion [CVE-2018-15981]🔒
127063ClipperCMS unrestricted upload [CVE-2018-19424]
127062Codiad unrestricted upload [CVE-2018-19423]
127061Subrion CMS uploads unrestricted upload
127060GetSimpleCMS EML File upload.php unrestricted upload
127059GetSimpleCMS upload.php unrestricted upload
127058Contiki-NG MQTT Server parse_publish_vhdr memory corruption
127057sysstat sa_common.c remap_struct out-of-bounds read
127056PRTG Network Monitor addusers access control
127055PRTG Network Monitor login.htm access control
127054Artifex Ghostscript 7pk security [CVE-2018-19409]🔒
127053IBM Cloud Private IAM Services information disclosure [CVE-2018-1843]
127052Novell NetWare NFS Portmapper Daemon memory corruption [CVE-2009-5153]
127051Linux Kernel System Call x86.c vcpu_scan_ioapic null pointer dereference🔒
127050Linux Kernel System Call lapic.c null pointer dereference🔒
127049YXcms indexController.php code injection
127048PHP var_unserializer.c input validation
127047PHP com_safearray_proxy var.c null pointer dereference
127046Foxit Reader TIFF Data FoxitReader.exe FCP_SendEmailNotification out-of-bounds read
127045Foxit Reader BMP Data FoxitReader.exe FCP_SendEmailNotification out-of-bounds read
127044Foxit Reader TIFF Data FoxitReader.exe ReleaseFXURLToHtml out-of-bounds read
127043tmux format.c format_cb_pane_tabs null pointer dereference🔒
127042GreenCMS Log File cross-site request forgery [CVE-2018-19376]
127041Royal Browser Extensions TS Credentials credentials management
127040Loadbalancer.org Enterprise VA MAX Apache HTTP Server Log cross site scripting
127039PCMan FTP Server APPE Command memory corruption [CVE-2018-18861]
127038LiquidVPN Client XPC Service kextload os command injection
127037LiquidVPN Client XPC Service os command injection [CVE-2018-18858]
127036LiquidVPN Client XPC Service os command injection [CVE-2018-18857]
127035LiquidVPN Client XPC Service os command injection [CVE-2018-18856]
127034CWP CentOS Web Panel index.php cross site scripting
127033CWP CentOS Web Panel cross-site request forgery [CVE-2018-18773]
127032CWP CentOS Web Panel cross-site request forgery [CVE-2018-18772]
127031Zoho ManageEngine OpManager cross site scripting [CVE-2018-18716]
127030Zoho ManageEngine OpManager Stored cross site scripting [CVE-2018-18715]
127029Roche Accu-Chek Inform II Software Update unrestricted upload
127028Roche Accu-Chek Inform II Access Control access control [CVE-2018-18564]
127027Roche Accu-Chek Inform II File Upload access control [CVE-2018-18563]
127026Roche Accu-Chek Inform II Service Interface credentials management
127025Roche Accu-Chek Inform II Service Interface improper authentication
127024DENX U-Boot Filesystem Loader memory corruption [CVE-2018-18440]
127023DENX U-Boot TFTP memory corruption [CVE-2018-18439]
127022iSmartAlarm Cube One Access Control information disclosure [CVE-2018-16224]
127021QBee Cam Application Credentials credentials management [CVE-2018-16223]
127020iSmartAlarm App Configuration File iSmartAlarmData.xml Credentials credentials management
127019Samsung 840 EVO Encryption Key key management [CVE-2018-12038]
127018Samsung Crucial MX300 ATA High Mode cryptographic issues [CVE-2018-12037]
127017FineUploader php-traditional-server File Upload unrestricted upload
127016jQuery Upload File File Upload unrestricted upload [CVE-2018-9207]
127015Portainer API Endpoint check credentials management
127014Google Monorail input validation [CVE-2018-19335]
127013Google Monorail cross-site request forgery [CVE-2018-19334]
127012Access Manager Identity Provider redirect [CVE-2018-17948]
127011Philips iSite credentials management [CVE-2018-17906]
127010IBM API Connect input validation [CVE-2018-1779]
127009Google Monorail cross-site request forgery [CVE-2018-10099]
127008IBM Cloud Private information disclosure [CVE-2018-1841]
127007Apache Spark access control [CVE-2018-17190]
127006Cloud Foundry UAA access control [CVE-2018-15761]
127005Pivotal Cloud Foundry On Demand Services SDK Service Broker Invalid credentials management
127004BestXsoftware Best Free Keylogger syscrb.exe untrusted search path
127003GNOME Keyring Secret Service API Credentials credentials management
127002Customer Files Upload Addon upload.php unrestricted upload
127001libansilove ansi.c ansilove_ansi out-of-bounds read
127000Jupyter Notebook Directory Name notebooklist.js cross site scripting🔒
126999Jupyter Notebook nbconvert Response handlers.py cross site scripting🔒
126998GNOME Seahorse quickAllow Password credentials management
126997SeaCMS Stored cross site scripting [CVE-2018-19350]
126996SeaCMS admin_makehtml.php sql injection
126995Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126994Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126993Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126992Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126991Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126990Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126989Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126988Foxit Reader u3d plugin U3DBrowser.fpi basic_ostream out-of-bounds read
126987Guriddo Form PHP default.php cross site scripting
126986Google gVisor shm.go access control
126985S-Cms cross-site request forgery [CVE-2018-19332]
126984S-Cms search.php sql injection
126983GreenCMS access control [CVE-2018-19329]
126982LAOBANCMS mysql_hy.php path traversal
126981JTBC(PHP) cross-site request forgery [CVE-2018-19327]
126980ZyXEL VMG1312-B10D path traversal [CVE-2018-19326]
126979kimsQ Rb ?r=home&mod=mypage&page=info cross site scripting
126978phpBB Admin Control Panel file_exists input validation🔒
126977Lenovo ThinkServer BMC Firmware Download command injection [CVE-2018-9086]
126976Intel Server Platform Service default permission [CVE-2018-9085]
126975Lenovo Chassis Management Module hard-coded credentials [CVE-2018-9073]
126974Lenovo Chassis Management Module information disclosure [CVE-2018-9071]
126973ZTE ZXHN F670 appviahttp Service credentials management [CVE-2018-7363]
126972ZTE ZXHN F670 Access Control access control [CVE-2018-7362]
126971ZTE ZXHN F670 null pointer dereference [CVE-2018-7361]
126970ZTE ZXHN F670 appviahttp Service information disclosure [CVE-2018-7360]
126969ZTE ZXHN F670 memory corruption [CVE-2018-7359]
126968SRCMS cross-site request forgery [CVE-2018-19319]
126967SRCMS cross-site request forgery [CVE-2018-19318]
126966Centreon sql injection [CVE-2018-19312]
126965Centreon cross site scripting [CVE-2018-19311]
126964PHPMailer Object input validation [CVE-2018-19296]🔒
126963Linux Kernel Access Control user_namespace.c map_write input validation🔒
126962School Equipment Monitoring System Login Screen user.vb sql injection
126961PointOfSales Login Screen LoginForm1.vb sql injection
126960Bakeshop Inventory System Login Screen publicfunction.vb sql injection
126959Curriculum Evaluation System Login Screen user.vb sql injection
126958BSEN Ordering Software sql injection [CVE-2018-18801]
126957School Attendance Monitoring System cross-site request forgery
126956School Attendance Monitoring System edit.php cross-site request forgery
126955Library Management System Search for Books sql injection [CVE-2018-18796]
126954School Event Management System index.php sql injection
126953School Event Management System cross-site request forgery [CVE-2018-18794]
126952School Event Management System unrestricted upload [CVE-2018-18793]
126951SaltOS sql injection [CVE-2018-18763]
126950SaltOS sql injection [CVE-2018-18761]
126949RhinOS cross-site request forgery [CVE-2018-18760]
126948Modbus Slave Tools memory corruption [CVE-2018-18759]
126947Local Server Service Port 4008 memory corruption [CVE-2018-18756]
126946K-iwi Framework update sql injection
126945IBM WebSphere Application Server Enterprise Bundle Archives path traversal
126944Ruby Taint 7pk security [CVE-2018-16396]🔒
126943Ruby OpenSSL Library Name data processing🔒
126942IBM Jazz Reporting Service Report Builder information disclosure
126941Dell EMC RSA BSAFE Micro Edition Suite Key Management key management
126940Inova Partner improper authorization [CVE-2018-15693]
126939Inova Partner improper authorization [CVE-2018-15692]
126938Microsoft Team Foundation Server access control [CVE-2018-8529]🔒
126937CPU Multi-Threading information disclosure [CVE-2018-5407]🔒
126936tp4a Teleport Login Page cross site scripting [CVE-2018-19301]
126935DiliCMS 1 cross-site request forgery
126934Valine PDF File injection [CVE-2018-19289]
126933Zoho ManageEngine OpManager updateWidget API cross site scripting
126932Ninja Forms Plugin Submissions.php cross site scripting
126931Mubu Note Account Configuration cross site scripting [CVE-2018-19286]
126930QEMU pnv_lpc.c pnv_lpc_do_eccb out-of-bounds read🔒
126929Sonatype Nexus Repository Manager Java Expression Language code injection
126928Sonatype Nexus Repository Manager Access Control access control
126927Sonatype Nexus Repository Manager cross site scripting [CVE-2018-16619]
126926IBM WebSphere Application Server Installation Verification cross site scripting🔒
126925OpenDolphin access control [CVE-2018-16163]
126924OpenDolphin Credentials credentials management [CVE-2018-16162]
126923OpenDolphin access control [CVE-2018-16161]
126922SecureCore Standard Edition improper authentication [CVE-2018-16160]
126921Polycom TriO Web Administration Console cross site scripting
126920Polycom TriO Bluetooth Subsystem access control [CVE-2018-14934]
126919Eclipse Mosquitto Topic input validation [CVE-2018-12543]🔒
126918NetIQ Access Manager cross site scripting [CVE-2018-12480]
126917BlueStacks App Player Access Restriction access control [CVE-2018-0701]
126916YukiWiki resource consumption [CVE-2018-0700]
126915YukiWiki cross site scripting [CVE-2018-0699]
126914Metabase cross site scripting [CVE-2018-0697]
126913User-Friendly SVN cross site scripting [CVE-2018-0695]
126912FileZen os command injection [CVE-2018-0694]
126911FileZen File Upload path traversal [CVE-2018-0693]
126910Baidu Browser DLL Loader untrusted search path [CVE-2018-0692]
126909+Message App X.509 Certificate Validation certificate validation
126908Music Center for PC Software Update access control [CVE-2018-0690]
126907NEOJAPAN Denbun cross site scripting [CVE-2018-0687]
126906NEOJAPAN Denbun unrestricted upload [CVE-2018-0686]
126905NEOJAPAN Denbun Mail Search sql injection [CVE-2018-0685]
126904NEOJAPAN Denbun multipart/form-data memory corruption [CVE-2018-0684]
126903NEOJAPAN Denbun Cookie memory corruption [CVE-2018-0683]
126902NEOJAPAN Denbun Session access control [CVE-2018-0682]
126901NEOJAPAN Denbun Management Page hard-coded credentials [CVE-2018-0681]
126900NEOJAPAN Denbun hard-coded credentials [CVE-2018-0680]
126899FXC FXC5210 Administrative Page cross site scripting [CVE-2018-0679]
126898Cybozu Garoon path traversal [CVE-2018-0673]
126897HarfBuzz hb-ot-layout-gpos-table.hh out-of-bounds read
126896Apache Commons FileUpload DiskFileItem File privileges management
126895Google Android HTC Bootloader access control [CVE-2018-9580]
126894Google Android bta_hd_api.cc BTA_HdRegisterApp out-of-bounds write
126893Google Android Bluetooth Service btif_hd.cc register_application out-of-bounds read
126892Google Android Factory Reset f2fs_format_utils.c access control
126891Google Android avrc_pars_ct.cc avrc_pars_vendor_rsp out-of-bounds read
126890Google Android Bluetooth Service avcr_pars_ct.cc avrc_pars_vendor_rsp out-of-bounds read
126889Google Android avrc_pars_ct.c avrc_ctrl_pars_vendor_rsp out-of-bounds read
126888Google Android ClearKey CAS Descrambler race condition [CVE-2018-9539]
126887Google Android Media Server aacdecode.cpp CAacDecoder_DecodeFrame out-of-bounds write
126886Google Android libFDK out-of-bounds write [CVE-2018-9536]
126885Google Android ixheaacd_lpc.c ixheaacd_reset_acelp_data_fix out-of-bounds write
126884Google Android ixheaacd_mps_parse.c ixheaacd_mps_getstridemap out-of-bounds write
126883Google Android ixheaacd_create.c ixheaacd_dec_data_init memory corruption
126882Google Android ixheaacd_env_extr.c ixheaacd_extract_frame_info_ld out-of-bounds write
126881Google Android tpdec_asc.cpp AudioSpecificConfig_Parse out-of-bounds write
126880Google Android ixheaacd_aac_tns.c ixheaacd_tns_ar_filter_dec out-of-bounds write
126879Google Android ixheaacd_channel.c ixheaacd_individual_ch_stream out-of-bounds write
126878Google Android ixheaacd_overlap_add1.s ixheaacd_over_lap_add1_armv8 out-of-bounds write
126877Google Android codebook.c vorbis_book_decodev_set out-of-bounds write
126876Google Android Location information disclosure [CVE-2018-9526]
126875Google Android com.android.settings.slice.action.WIFI_CHANGED AndroidManifest.xml SliceBroadcastReceiver permission
126874Google Android System UI access control [CVE-2018-9524]
126873Google Android Parcel.java Parcel.writeMapInternal input validation
126872Google Android StatsLogEventWrapper.java serialization out-of-bounds write
126871Google Android NuPlayer2CCDecoder.cpp parseMPEGCCData out-of-bounds write
126870Google Android BluetoothPairingController.java onCheckedChanged permission
126869Google Android eas_smf.c SMF_ParseMetaEvent input validation
126868ZTE ZXHN H168N Change Control improper authentication [CVE-2018-7358]
126867ZTE ZXHN H168N Access Control credentials management [CVE-2018-7357]
126866Google Chrome PWA Installation access control [CVE-2018-6083]🔒🔒
126865Google Chrome FTP Port information disclosure [CVE-2018-6082]🔒🔒
126864Google Chrome Extension cross site scripting [CVE-2018-6081]🔒🔒
126863Google Chrome Instrumentation Log File access control [CVE-2018-6080]🔒🔒
126862Google Chrome WebGL information disclosure [CVE-2018-6079]🔒🔒
126861Google Chrome Omnibox input validation [CVE-2018-6078]🔒🔒
126860Google Chrome Blink SVG Rendering information disclosure [CVE-2018-6077]🔒🔒
126859Google Chrome Blink DOM-Based cross site scripting🔒🔒
126858Google Chrome File Download information disclosure [CVE-2018-6075]🔒🔒
126857Google Chrome Download input validation [CVE-2018-6074]🔒🔒
126856Google Chrome WebGL memory corruption [CVE-2018-6073]🔒🔒
126855Google Chrome PDFium integer overflow [CVE-2018-6072]🔒🔒
126854Google Chrome Skia integer overflow [CVE-2018-6071]🔒🔒
126853Google Chrome Blink WebUI 7pk security [CVE-2018-6070]🔒🔒
126852Google Chrome Skia memory corruption [CVE-2018-6069]🔒🔒
126851Google Chrome Custom Tab Address input validation🔒🔒
126850Google Chrome Skia memory corruption [CVE-2018-6067]🔒🔒
126849Google Chrome Blink information disclosure [CVE-2018-6066]🔒🔒
126848Google Chrome v8 integer overflow [CVE-2018-6065]🔒🔒
126847Google Chrome v8 __defineGetter__ type conversion🔒🔒
126846Google Chrome Mojo WrapSharedMemoryHandle out-of-bounds write🔒🔒
126845Google Chrome Skia out-of-bounds write [CVE-2018-6062]🔒🔒
126844Google Chrome WebAssembly race condition [CVE-2018-6061]🔒🔒
126843Google Chrome WebAudio use after free [CVE-2018-6060]🔒🔒
126842Google Chrome Android ashmem 7pk security [CVE-2018-6057]🔒🔒
126841NetApp StorageGRID Webscale access control [CVE-2018-5495]
126840Intel RAID Web Console 3 cross site scripting [CVE-2018-3699]
126839Intel Ready Mode Technology Installer access control [CVE-2018-3698]
126838Intel Media Server Studio Installer access control [CVE-2018-3697]
126837Intel RAID Web Console 3 improper authentication [CVE-2018-3696]
126836Intel Rapid Store Technology input validation [CVE-2018-3635]
126835Intel Driver / Support Assistant information disclosure [CVE-2018-3621]
126834Centreon SNMP Trap sql injection [CVE-2018-19281]
126833Centreon Poller Macro cross site scripting [CVE-2018-19280]
126832PRIMX ZoneCentral ntfs File information disclosure [CVE-2018-19279]
126831Digium Asterisk DNS SRV/NAPTR Lookup memory corruption [CVE-2018-19278]🔒
126830PHPOffice PhpSpreadsheet Encoding securityScan xml injection
126829Centreon main.php sql injection
126828payfort-php-SDK error.php cross site scripting
126827payfort-php-SDK Echo error.php cross site scripting
126826payfort-php-SDK success.php cross site scripting
126825payfort-php-SDK Echo success.php cross site scripting
126824payfort-php-SDK route.php cross site scripting
126823CKeditor Paste cross site scripting [CVE-2018-17960]
126822Google Chrome Extensions input validation [CVE-2018-17477]🔒
126821Google Chrome Cast UI Warning input validation🔒
126820Google Chrome Navigation Address input validation🔒
126819Google Chrome Blink HTMLImportsController use after free🔒
126818Google Chrome Omnibox Address input validation🔒
126817Google Chrome googlechrome:/ data processing [CVE-2018-17472]🔒
126816Google Chrome WebContents Warning input validation🔒
126815Google Chrome PDFium out-of-bounds read [CVE-2018-17469]🔒
126814Google Chrome Blink information disclosure [CVE-2018-17468]🔒
126813Google Chrome Omnibox input validation [CVE-2018-17467]🔒
126812Google Chrome Texture out-of-bounds read [CVE-2018-17466]🔒
126811Google Chrome v8 use after free [CVE-2018-17465]🔒
126810Google Chrome History Address input validation🔒
126809Google Chrome v8 input validation [CVE-2018-17463]🔒
126808Google Chrome AppCache input validation [CVE-2018-17462]🔒
126807Nagios XI Reflected cross site scripting [CVE-2018-15714]
126806Nagios XI users.php Persistent cross site scripting
126805Nagios XI api_tool.php Reflected cross site scripting
126804Nagios XI API Key access control [CVE-2018-15711]
126803Nagios XI Autodiscover_new.php command injection
126802Nagios XI command injection [CVE-2018-15709]
126801Nagios XI Snoopy 1.0 command injection [CVE-2018-15708]
126800Intel Parallel Studio XE Intel Trace Analyzer 2018 memory corruption
126799Microsoft Dynamics 365 input validation [CVE-2018-8609]
126798Microsoft Dynamics 365 cross site scripting [CVE-2018-8608]
126797Microsoft Dynamics 365 cross site scripting [CVE-2018-8607]
126796Microsoft Dynamics 365 cross site scripting [CVE-2018-8606]
126795Microsoft Dynamics 365 cross site scripting [CVE-2018-8605]
126794Microsoft Team Foundation Server cross site scripting [CVE-2018-8602]🔒
126793Microsoft Azure App Service cross site scripting [CVE-2018-8600]
126792Microsoft Windows Audio Service information disclosure [CVE-2018-8454]🔒
126791Apache Hadoop ZIP File access control [CVE-2018-8009]🔒
126790Huawei Watch 2 improper authorization [CVE-2018-7926]
126789Huawei Smartphone Radio Module improper authorization [CVE-2018-7925]
126788Huawei Smartphone improper authentication [CVE-2018-7910]
126787VMware vRealize Log Insight User Registration improper authorization🔒
126786NVIDIA Graphics Driver GPU Performance Counter information disclosure
126785SAP Fiori Client Log View code injection [CVE-2018-2491]
126784SAP Fiori Client Broadcast Message access control [CVE-2018-2490]
126783SAP Fiori Client SSO Config access control [CVE-2018-2489]
126782SAP Fiori Client Push Notification input validation [CVE-2018-2488]
126781SAP Disclosure Management ZIP File information disclosure [CVE-2018-2487]
126780SAP Fiori Client Javascript API privileges management [CVE-2018-2485]
126779SAP Business Intelligence Platform Central Management Console input validation
126778SAP Mobile Secure Android Application Mobile-secure.apk resource consumption
126777SAP SAP_ABA Transaction Code access control [CVE-2018-2481]
126776SAP Business Intelligence cross site scripting [CVE-2018-2479]
126775SAP TREX/BWA/Basis input validation [CVE-2018-2478]
IDTitleNessusOpenVASSnortSuricataTippingPoint
126774SAP Knowledge Management xml injection [CVE-2018-2477]
126773SAP NetWeaver redirect [CVE-2018-2476]
126772SAP Business Intelligence Web Intelligence Richclient 3 data processing
126771Micro Focus Service Manager information disclosure [CVE-2018-18591]
126770IBM WebSphere Commerce input validation [CVE-2018-1808]
126769IBM WebSphere MQ code injection [CVE-2018-1792]
126768Losant Arduino MQTT Client memory corruption [CVE-2018-17614]
126767Apache Qpid Proton-J Transport Certificate Verification certificate validation
126766PostgreSQL pg_dump sql injection🔒
126765Rack Request cross site scripting🔒
126764Rack Multipart Parser resource consumption [CVE-2018-16470]🔒
126763Pivotal CredHub Service Broker Random Number Generator weak prng
126762Dell EMC RecoverPoint/RecoverPoint for VMs Boxmgmt CLI resource consumption
126761Dell EMC RecoverPoint/RecoverPoint for Virtual Machines Boxmgmt CLI information disclosure
126760Cisco Advanced Malware Protection DLL Loader uncontrolled search path
126759JBoss KeyCloak Login/Logout redirect [CVE-2018-14658]🔒
126758KeyCloak TOPT 7pk security [CVE-2018-14657]🔒
126757KeyCloak cross site scripting [CVE-2018-14655]🔒
126756TIBCO DataSynapse GridServer Manager Broker/Director cross-site request forgery
126755Microsoft .NET Core input validation [CVE-2018-8416]🔒
126754Microsoft Skype for Business/Lync Server Emoji input validation🔒
126753Microsoft Windows MSRPC information disclosure [CVE-2018-8407]🔒
126752Microsoft Windows Physical Installation access control [CVE-2018-8592]🔒
126751Microsoft Windows Win32k access control [CVE-2018-8589]🔒
126750Microsoft Windows ALPC access control [CVE-2018-8584]🔒
126749Microsoft Exchange Server access control [CVE-2018-8581]🔒
126748Microsoft Office Outlook Message information disclosure [CVE-2018-8579]
126747Microsoft SharePoint Enterprise Server Folder information disclosure🔒
126746Microsoft Outlook memory corruption [CVE-2018-8576]🔒
126745Microsoft Project memory corruption [CVE-2018-8575]🔒
126744Microsoft Office Word memory corruption [CVE-2018-8573]🔒
126743Microsoft SharePoint Enterprise Server access control [CVE-2018-8572]🔒
126742Microsoft SharePoint Enterprise Server access control [CVE-2018-8568]🔒
126741Microsoft Edge access control [CVE-2018-8567]🔒
126740Microsoft Windows BitLocker Security Feature 7pk security [CVE-2018-8566]🔒
126739Microsoft Windows Win32k information disclosure [CVE-2018-8565]🔒
126738Microsoft Edge input validation [CVE-2018-8564]🔒
126737Microsoft Windows DirectX information disclosure [CVE-2018-8563]🔒
126736Microsoft Windows Win32k access control [CVE-2018-8562]🔒
126735Microsoft Windows DirectX access control [CVE-2018-8561]🔒
126734Microsoft Office information disclosure [CVE-2018-8558]
126733Microsoft Windows DirectX access control [CVE-2018-8554]🔒
126732Microsoft Internet Explorer VBScript Scripting Engine memory corruption🔒
126731Microsoft Windows Security Feature 7pk security [CVE-2018-8549]🔒
126730Microsoft Windows Active Directory Federation Services cross site scripting🔒
126729Microsoft Edge information disclosure [CVE-2018-8545]🔒
126728Microsoft Office/SharePoint Word memory corruption [CVE-2018-8539]🔒
126727Microsoft Outlook memory corruption [CVE-2018-8524]🔒
126726Microsoft Outlook memory corruption [CVE-2018-8522]🔒
126725Microsoft Windows DirectX access control [CVE-2018-8485]🔒
126724Microsoft Windows RemoteFX Virtual GPU Miniport Driver access control🔒
126723Microsoft Windows JScript Security Feature access control [CVE-2018-8417]🔒
126722Microsoft Windows PowerShell code injection [CVE-2018-8415]🔒
126721Microsoft Windows Kernel information disclosure [CVE-2018-8408]🔒
126720Microsoft Internet Explorer memory corruption [CVE-2018-8570]🔒
126719Microsoft Windows COM Aggregate Marshaler access control [CVE-2018-8550]🔒
126718Microsoft Windows Search access control [CVE-2018-8450]🔒
126717Microsoft Outlook input validation [CVE-2018-8582]🔒
126716Microsoft Office Excel memory corruption [CVE-2018-8577]🔒
126715Microsoft Office Excel memory corruption [CVE-2018-8574]🔒
126714Microsoft Windows PowerShell access control [CVE-2018-8256]🔒
126713Microsoft Windows VBScript Engine use after free [CVE-2018-8544]🔒
126712Microsoft Windows Graphics Component memory corruption [CVE-2018-8553]🔒
126711Microsoft Windows Deployment Services TFTP Server memory corruption🔒
126710Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126709Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126708Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126707Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126706Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126705Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126704Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126703Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
126702PHP-Proxy config.php information disclosure
126701Charles Import/Export xml external entity reference [CVE-2018-19244]
126700Thomson TCW710 RgUrlBlock.asp Persistent cross site scriting
126699Thomson TCW710 RgDhcp Persistent cross site scriting
126698Thomson TCW710 RgDdns Persistent cross site scriting
126697Thomson TCW710 RgTime Persistent cross site scriting
126696Thomson TCW710 RGFirewallEL Persistent cross site scriting
126695Thomson TCW710 wlanPrimaryNetwork Persistent cross site scriting
126694LAOBANCMS cross site scripting [CVE-2018-19229]
126693LAOBANCMS pic.php path traversal
126692LAOBANCMS liuyan.php cross site scripting
126691LAOBANCMS admin.txt information disclosure
126690LAOBANCMS mima.php cross-site request forgery
126689LAOBANCMS Cookie login.php input validation
126688LAOBANCMS cross site scripting [CVE-2018-19223]
126687LAOBANCMS access control [CVE-2018-19222]
126686LAOBANCMS login.php sql injection
126685LAOBANCMS code injection [CVE-2018-19220]
126684LibSass operator input validation
126683LibSass parse_css_variable_value_token out-of-bounds read
126682ncurses _nc_name_match null pointer dereference
126681Netwide Assembler preproc.c detoken use after free
126680Netwide Assembler preproc.c expand_mmac_params out-of-bounds read
126679Netwide Assembler preproc.c expand_mmac_params out-of-bounds read
126678Netwide Assembler malloc.c nasm_malloc resource management
126677libwebm InitWebmParser input validation
126676ncurses parse_entry.c _nc_parse_entry null pointer dereference🔒
126675LibTIFF tif_dirwrite.c TIFFWriteDirectorySec null pointer dereference🔒
126674Netwide Assembler labels.c find_label null pointer dereference
126673libwpd WP6ContentListener.cpp defineTable null pointer dereference🔒
126672Van Ons WP GDPR Compliance Plugin $wpdb->prepare direct request🔒
126671RoundCube func.inc cross site scripting🔒
126670RoundCube GnuPG MDC Integrity-Protection Warning enigma_driver_gnupg.php information disclosure
126669PRTG Network Monitor HTTP Advanced Sensor HttpAdvancedSensor.exe access control
126668PRTG Network Monitor PRTG Core Server Service input validation
126667uriparser UriCommon.c uriResetUri null pointer dereference🔒
126666uriparser UriQuery.c uriComposeQueryEx integer overflow🔒
126665uriparser UriQuery.c uriComposeQueryEx out-of-bounds write🔒
126664IBM Case Manager path traversal [CVE-2018-1884]
126663IBM Spectrum Protect dsmc/dsmcad resource management [CVE-2018-1786]🔒
126662XiaoCms database.php path traversal
126661XiaoCms uploadfile.php code injection
126660XiaoCms show_product.html cross site scripting
126659XiaoCms Error Message Path information disclosure
126658XiaoCms New News Screen cross site scripting [CVE-2018-19193]
126657XiaoCms cross-site request forgery [CVE-2018-19192]
126656libIEC61850 ber_encoder.c BerEncoder_encodeOctetString memory corruption
126655Go Ethereum runner.go null pointer dereference
126654ethereumjs-vm memory corruption [CVE-2018-19183]
126653Py-EVM vm.execute_bytecode memory corruption
126652IBM WebSphere Application Server SIBMsgMigration Utility cross site scripting
126651YUNUCMS Local.class.php path traversal
126650YUNUCMS Install.php code injection
126649JEESNS XssHttpServletRequestWrapper.java Stored cross site scripting
126648JPress Input Fields setting Stored cross site scripting
126647FruityWifi mod_name save.php command injection
126646pdfforge PDF Architect pdmodel.dll PDMODELProvidePDModelHFT memory corruption
126645Poppler _poppler_attachment_new null pointer dereference🔒
126644Caddy X.509 Certificate information disclosure [CVE-2018-19148]
126643Open Ticket Request System access control [CVE-2018-19143]🔒
126642Open Ticket Request System cross site scripting [CVE-2018-19142]
126641Open Ticket Request System URL cross site scripting [CVE-2018-19141]🔒
126640ClipperCMS files cross-site request forgery
126639IObit Malware Fighter IOCTL RegFilter.sys memory corruption
126638IObit Malware Fighter IOCTL RegFilter.sys memory corruption
126637IObit Malware Fighter IOCTL RegFilter.sys memory corruption
126636IObit Malware Fighter IOCTL RegFilter.sys memory corruption
126635ZyXEL ZyWALL USG zysh-cgi cross-site request forgery
126634S-Cms Search search.php cross site scripting
126633Jasper jas_malloc.c jpc_unk_getparms resource management🔒
126632WSTMart add.html cross-site request forgery
126631DomainMod ip-address.php cross site scripting
126630DomainMod registrar-account.php cross site scripting
126629Flarum Core Email information disclosure [CVE-2018-19133]
126628Squid Web Proxy SNMP resource management [CVE-2018-19132]🔒
126627Squid Web Proxy X.509 Certificate cross site scripting [CVE-2018-19131]🔒
126626libav libavcodec vc1dec.c vc1_decode_frame memory corruption
126625libav mpegaudiodsp_template.c ff_mpa_synth_filter_float null pointer dereference
126624libavcodec AVI File lcldec.c decode_frame memory corruption
126623PHPCMS 2008 Cache File type.php code injection
126622PrestaShop unrestricted upload [CVE-2018-19126]
126621PrestaShop access control [CVE-2018-19125]
126620PrestaShop input validation [CVE-2018-19124]
126619libIEC61850 ethernet_bsd.c Ethernet_sendPacket null pointer dereference
126618libIEC61850 ethernet_bsd.c Ethernet_receivePacket null pointer dereference
126617IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1872]
126616Sennheiser HeadSetup Certificates SennComCCKey.pem Key certificate validation
126615Cloud Foundry Hashing cryptographic issues [CVE-2018-15796]
126614PowerDNS Recursor DNSSEC Validator input validation [CVE-2018-14644]🔒
126613IBM DB2 FGAC Control information disclosure [CVE-2018-1857]
126612IBM Cognos Analytics Configuration Tool signature verification
126611IBM DB2 link following [CVE-2018-1834]
126610IBM DB2 Shared Libraries access control [CVE-2018-1802]
126609IBM DB2 input validation [CVE-2018-1799]
126608IBM DB2 link following [CVE-2018-1781]
126607IBM DB2 link following [CVE-2018-1780]
126606IBM API Connect Developer Portal code injection [CVE-2018-1774]
126605IBM WebSphere MQ MQTT input validation [CVE-2018-1684]
126604IBM Marketing Operations Error Message information disclosure
126603IBM Campaign input validation [CVE-2016-9749]
126602Telexy QPath AdanitDataService.svc access control
126601Brocade Fabric OS Webtools Firmware Update command injection
126600Brocade Fabric OS Secure Shell access control [CVE-2018-6441]
126599Brocade Fabric OS Command Line Interface access control [CVE-2018-6438]
126598Brocade Fabric OS Command Line Interface access control [CVE-2018-6437]
126597Brocade Fabric OS Command Line Interface access control [CVE-2018-6436]
126596Brocade Fabric OS Command Line Interface access control [CVE-2018-6435]
126595Brocade Fabric OS Web Management Interface session fixiation
126594Brocade Fabric OS secryptocfg input validation [CVE-2018-6433]
126593keepalived html.c memory corruption [CVE-2018-19115]🔒
126592MinDoc attach_#.jpg access control
126591keepalived Temp File keepalived.data information disclosure🔒
126590keepalived Temp File PrintStats information disclosure🔒
126589keepalived keepalived.data PrintStats link following🔒
126588Cisco Prime Service Catalog Web-based Management Interface cross site scripting
126587Cisco Prime Collaboration Assurance Web-based UI input validation
126586Cisco Video Surveillance Media Server Web-based Management Interface input validation
126585Cisco Registered Envelope Service information disclosure [CVE-2018-15448]
126584Cisco Integrated Management Controller Web Framework sql injection
126583Cisco Meeting Server information disclosure [CVE-2018-15446]
126582Cisco Energy Management Suite Web-based Management Interface cross-site request forgery
126581Cisco Energy Management Suite Web-based User Interface xml external entity reference
126580Cisco Firepower System Software Detection Engine resource consumption
126579Cisco Small Business Switches hard-coded credentials [CVE-2018-15439]
126578Cisco Immunet/Advanced Malware Protection System Scan 7pk security
126577Cisco Stealthwatch Enterprise Management Console access control
126576Cisco Content Security Management Appliance Web-based Management Interface cross site scripting
126575Cisco Unity Express deserialization [CVE-2018-15381]
126574Apache Hive improper authorization [CVE-2018-1314]
126573Apache Hive HiveServer2 improper authorization [CVE-2018-11777]
126572Cisco Meraki MR/Meraki MS/Meraki MX/Meraki Z1/Meraki Z3 Local Status Page access control
126571Google Cardboard information disclosure [CVE-2018-19111]
126570tianti skin-management list skinList access control
126569tianti Permission list access control
126568Exiv2 PSD Image Reader psdimage.cpp readMetadata integer overflow
126567Exiv2 PSD Image Reader iptc.cpp decode integer overflow
126566LibreCAD File out-of-bounds write [CVE-2018-19105]
126565BageCMS index.php cross-site request forgery
126564Apache Superset Pickle Library load deserialization
126563libIEC61850 client_control.c ControlObjectClient_setCommandTerminationHandler access control [Disputed]
126562YzmCMS cross site scripting [CVE-2018-19092]
126561tianti User Management Module list Reflected cross site scripting
126560tianti Article Management Module Stored cross site scripting
126559tianti save_role Stored cross site scripting
126558WeCenter index.tpl.html htmlspecialchars_decode cross site scripting
126557Foscam Opticam i5 ONVIF devicemgmt SetDNS memory corruption [CVE-2018-19082]
126556Foscam Opticam i5 ONVIF devicemgmt SetDNS os command injection
126555Foscam Opticam i5 ONVIF devicemgmt SetHostname Persistent cross site scripting
126554Foscam Opticam i5 ONVIF devicemgmt SystemReboot input validation
126553Foscam Opticam i5 ONVIF media GetStreamUri Credentials credentials management
126552Foscam Opticam i5 RTSP out-of-bounds read [CVE-2018-19077]
126551Foscam C2/Opticam i5 FTP/RTSP improper authentication [CVE-2018-19076]
126550Foscam C2/Opticam i5 Firewall Feature information disclosure
126549Foscam C2/Opticam i5 Firewall Feature access control [CVE-2018-19074]
126548Foscam C2/Opticam i5 ProductConfig.xml os command injection
126547Foscam C2/Opticam i5 app access control
126546Foscam C2/Opticam i5 boot.sh access control
126545Foscam C2/Opticam i5 CGIProxy.fcgi addAccount os command injection
126544Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19069]
126543Foscam C2/Opticam i5 7pk security [CVE-2018-19068]
126542Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19067]
126541Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19066]
126540Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19065]
126539Foscam C2/Opticam i5 FTP credentials management [CVE-2018-19064]
126538Foscam C2/Opticam i5 hard-coded credentials [CVE-2018-19063]
126537DeDeCMS co_do.php sql injection
126536Poppler GooString.h null pointer dereference🔒
126535Poppler FileSpec.cc save2 out-of-bounds read🔒
126534Poppler Object.h save2 input validation🔒
126533SimpleMDE cross site scripting [CVE-2018-19057]
126532Pandao Editor.md DOM-Based cross site scripting [CVE-2018-19056]
126531PbootCMS code injection [CVE-2018-19053]
126530lighttpd mod_alias_physical_handler mod_alias.c path traversal🔒
126529MetInfo cross site scripting [CVE-2018-19051]
126528MetInfo cross site scripting [CVE-2018-19050]
126527mPDF Web Application getImage server-side request forgery
126526Micro Focus Operations Bridge Containerized Suite information disclosure
126525nginx ngx_http_mp4_module information disclosure [CVE-2018-16845]🔒
126524nginx HTTP2 resource consumption [CVE-2018-16844]🔒
126523nginx HTTP2 resource consumption [CVE-2018-16843]🔒
126522axTLS PKCS #1 x509.c sig_verify Impersonation signature verification
126521axTLS PKCS #1 x509.c sig_verify Impersonation signature verification
126520axTLS ASN.1 x509.c sig_verify signature verification
126519Google Android hid-debug.c chap_server_compute_md5 out-of-bounds write🔒
126518Google Android WiFi WifiStateMachine.java sendNetworkStateChangeBroadcast information disclosure
126517Google Android SELinux access control [CVE-2018-9488]
126516Google Android binder.c task_get_unused_fd_flags use after free
126515Google Android Attachment.java Attachment path traversal
126514Google Android RootWindowContainer.java computeFocusedWindow access control
126513Google Android sdp_utils.cc sdpu_extract_attr_seq out-of-bounds read
126512Google Android bnep_main.cc bnep_data_ind out-of-bounds read
126511Google Android avdt_msg.cc avdt_msg_prs_cfg out-of-bounds read
126510Google Android ResourceTypes.cpp load out-of-bounds read
126509Google Android avrc_api.cc avrc_proc_vendor_command out-of-bounds write
126508Google Android avct_bcb_act.cc avct_bcb_msg_ind out-of-bounds read
126507Google Android smp_br_main.cc smp_br_state_machine_event out-of-bounds write
126506Google Android USB Device Utils.cpp readMetadata path traversal
126505Google Android ih264d_api.c ih264d_video_decode resource consumption
126504Google Android WiFi VPN access control [CVE-2018-9438]
126503Google Android ID3.cpp out-of-bounds read
126502Google Android bnep_main.cc bnep_data_ind out-of-bounds read
126501Google Android OMXNodeInstance.cpp CopyToOMX out-of-bounds write
126500Google Android futex.c get_futex_key use after free🔒
126499Google Android bus.c driver_override_show double free🔒
126498Google Android bus.c driver_override_store out-of-bounds write🔒
126497Google Android Bluetooth vmacache.c hidp_process_report integer overflow🔒
126496Google Android InboundSmsHandler.java processMessagePart input validation
126495Google Android l2c_main.cc process_l2cap_cmd out-of-bounds read
126494Google Android l2c_main.cc process_l2cap_cmd out-of-bounds read
126493Google Android l2c_main.cc process_l2cap_cmd out-of-bounds read
126492Google Android gatt_sc.cc gatts_process_attribute_req information disclosure
126491Google Android bnep_api.cc BNEP_Write out-of-bounds write
126490Google Android bnep_main.c bnep_data_ind double free
126489Google Android bta_dm_act.cc bta_dm_sdp_result out-of-bounds write
126488Apache Syncope BPMN Definition xml external entity reference
126487Apache Syncope cross site scripting [CVE-2018-17184]
126486Texas Instruments BLE-STACK memory corruption [CVE-2018-16986]
126485IBM Rational Collaborative Lifecycle Management HSTS information disclosure
126484Knightjs path traversal [CVE-2018-16475]
126483tianma-static Module Stored cross site scripting [CVE-2018-16474]
126482takeapeek Module path traversal [CVE-2018-16473]
126481cached-path-relative input validation [CVE-2018-16472]
126480IBM Rational Collaborative Lifecycle Management Error Message information disclosure
126479RichFaces Framework org.ajax4jsf.resource.UserResource$UriData code injection🔒
126478TIBCO Enterprise Messaging Service emsca cross-site request forgery
126477TIBCO RendezVous rvrd/rvrsd/rvsd/rvcache/rvdm cross-site request forgery
126476TIBCO Messaging - Apache Kafka Distribution - Schema Repository tibschemad cross-site request forgery
126475TIBCO FTL tibrealmserver cross-site request forgery [CVE-2018-12412]
126474TIBCO ActiveSpaces tibdgadmind cross-site request forgery [CVE-2018-12411]
126473i18n Gem hash.rb input validation🔒
126472Zoho ManageEngine Network Configuration Manager/OpManager ProcessRequest.do xml external entity reference
126471osCommerce Blacklist Filter .htaccess input validation
126470osCommerce Blacklist Filter .htaccess input validation
126469osCommerce Blacklist Filter .htaccess input validation
126468Degrau Publicidade e Internet Plataforma de E-Commerce Busca.aspx.cs sql injection
126467libIEC61850 goose_publisher.c prepareGooseBuffer memory corruption
126466Suricata SMTP Parser util-decode-mime.c ProcessMimeEntity input validation🔒
126465Omron CX-Supervisor Project File type conversion [CVE-2018-17913]
126464Omron CX-Supervisor Project File use after free [CVE-2018-17909]
126463Omron CX-Supervisor information disclosure [CVE-2018-17907]
126462Omron CX-Supervisor Project File memory corruption [CVE-2018-17905]
126461SourceTree Git Subrepository command injection [CVE-2018-13397]
126460SourceTree Git Subrepository command injection [CVE-2018-13396]
126459jQuery Picture Cut File Upload unrestricted upload [CVE-2018-9208]
126458JEECMS cross site scripting [CVE-2018-18952]
126457KindEditor upload_json.php path traversal
126456Zoho ManageEngine OpManager Mail Server Settings sql injection
126455BaserCMS edit cross site scripting
126454BaserCMS ThemeConfig.php input validation
126453WUZHI CMS Stored cross site scripting [CVE-2018-18939]
126452WUZHI CMS Stored cross site scripting [CVE-2018-18938]
126451libIEC61850 ied_connection.c ClientDataSet_getValues null pointer dereference
126450PopojiCMS admin_library.php path traversal [CVE-2018-18936]
126449PopojiCMS cross-site request forgery [CVE-2018-18935]
126448PopojiCMS admin_component.php unrestricted upload
126447Foxit Reader u3d plugin U3DBrowser.fpi out-of-bounds read
126446International Components for Unicode number_decimalquantity.cpp toScientificString integer overflow🔒
126445PublicCMS cross site scripting [CVE-2018-18927]
126444Gitea Session ID session session fixiation
126443Gogs Session ID session session fixiation
126442ProjeQtOr image-upload input validation [CVE-2018-18924]
126441WP Editor.MD Plugin cross site scripting [CVE-2018-18919]
126440xhEditor SRC Attribute cross site scripting [CVE-2018-18909]
126439Vanilla code injection [CVE-2018-18903]
126438Waimai Super CMS cross-site request forgery [CVE-2018-14014]
126437Schneider Electric Software Update DLL uncontrolled search path
126436Schneider Electric Modicon M221 IPv4 Config insufficient verification of data authenticity
126435Yi Home Camera 27US UDP Packet resource consumption [CVE-2018-3935]
126434Yi Home Camera 27US UDP Packet key management [CVE-2018-3934]
126433Yi Home Camera 27US 7-zip File input validation [CVE-2018-3920]
126432Yi Home Camera 27US QR Code Scanner memory corruption [CVE-2018-3899]
126431Yi Home Camera 27US QR Code Scanner memory corruption [CVE-2018-3898]
126430Yi Home Camera 27US memory corruption [CVE-2018-3892]
126429Yi Home Camera 27US SD Card input validation [CVE-2018-3891]
126428Yi Home Camera 27US SD Card command injection [CVE-2018-3890]
126427Exiv2 image.cpp printIFDStructure resource consumption
126426Poppler GfxState.cc setDisplayProfile resource management🔒
126425IBM Robotic Process Automation with Automation Anywhere information disclosure
126424IBM Robotic Process Automation with Automation Anywhere Password information disclosure
126423IBM Robotic Process Automation with Automation Anywhere Control Room Log File log file
126422IBM Rational Engineering Lifecycle Manager XML Data xml external entity reference
126421IBM Daeja ViewONE XML Data xml external entity reference [CVE-2018-1835]
126420Circontrol CirCarLife PAP Credential Storage Log credentials management
126419Circontrol CirCarLife URL improper authentication [CVE-2018-17918]
126418InduSoft Web Studio/Aveva InTouch Edge HMI memory corruption
126417InduSoft Web Studio/Aveva InTouch Edge HMI access control [CVE-2018-17914]
126416CASE Suite Parameter Entity xml external entity reference [CVE-2018-17912]
126415IBM Spectrum Protect Trace Log log file [CVE-2018-1788]🔒
126414openstack-mistral information disclosure [CVE-2018-16849]
126413QEMU NVM Express Controller Emulator out-of-bounds read [CVE-2018-16847]🔒
126412Pivotal Operations Manager access control [CVE-2018-15762]
126411IBM Robotic Process Automation with Automation Anywhere File Upload unrestricted upload
126410Dell EMC Integrated Data Protection Appliance hard-coded credentials
126409IBM Quality Manager Web UI cross site scripting [CVE-2017-1609]
126408Xiph Icecast URL Authentication memory corruption [CVE-2018-18820]🔒
126407Green Electronics RainMachine Mini-8/Touch HD 12 Web Application API Page input validation
126406Green Electronics RainMachine Mini-8/Touch HD 12 Web Application HTTP Header improper authentication
126405Green Electronics RainMachine Mini-8/Touch HD 12 Web Application REST API cross-site request forgery
126404Green Electronics RainMachine Mini-8/Touch HD 12 Web Application REST API Persistent cross site scripting
126403Green Electronics RainMachine Mini-8 Add New Weather Data Source code injection
126402Green Electronics RainMachine Mini-8 TOTP Hash credentials management
126401SDL2_image XCF Image memory corruption [CVE-2018-3977]🔒
126400Yi Home Camera 27US Phone-to-Camera Communication information disclosure
126399Yi Home Camera 27US access control [CVE-2018-3928]
126398Yi Home Camera 27US OTA Setup command injection [CVE-2018-3910]
126397Yi Home Camera 27US QR Code Scanner memory corruption [CVE-2018-3900]
126396Microstrategy Web mstrWeb path traversal
126395Microstrategy Web admin.asp cross site scripting
126394Microstrategy Web Login.asp cross site scripting
126393IObit Malware Fighter IOCTL RegFilter.sys memory corruption
126392M2SOFT Report Designer Viewer MRD File memory corruption [CVE-2018-18695]
126391Red Hat GlusterFS resource management [CVE-2018-14660]🔒
126390NetGain Enterprise Manager os command injection [CVE-2018-10587]
126389NetGain Enterprise Manager Stored cross site scripting [CVE-2018-10586]
126388ZTE ZXR10 8905E TCP ISN 7pk security [CVE-2018-7356]
126387Cisco ASA/Firepower Threat Defense Session Initiation Protocol input validation🔒
126386PowerDNS Authoritative Server Zone integer overflow [CVE-2016-2120]🔒🔒
126385miniCMS install.php code injection
126384miniCMS improper authentication [CVE-2018-18891]
126383miniCMS Path path traversal [CVE-2018-18890]
126382laravelCMS ProfileController.php unrestricted upload
126381X-CMS PHP member_news.php sql injection
126380Xen null pointer dereference [CVE-2018-18883]🔒
126379nc-cms Upload unrestricted upload [CVE-2018-18874]
126378Jasper ras_enc.c ras_putdatastd null pointer dereference🔒
126377EmpireCMS ecmscom.php path traversal
126376No-CMS Persistent cross site scripting [CVE-2018-18868]
126375Tecrail Responsive FileManager Incomplete Fix upload.php server-side request forgery
126374Lightbend Spray spray-json Hash Code resource consumption [CVE-2018-18854]
126373Lightbend Spray spray-json Field Parser Complexity resource consumption
126372IBM WebSphere Application Server Liberty RP Service deserialization
126371cURL tool_msgs.c voutf out-of-bounds read🔒
126370cURL Easy Curl_close use after free🔒
126369cURL SASL Authentication memory corruption [CVE-2018-16839]🔒
126368Advantech WebAccess Bwmainleft.asp cross site scripting
126367Advantech WebAccess WADashboard API path traversal [CVE-2018-15706]
126366Advantech WebAccess WADashboard API path traversal [CVE-2018-15705]
126365F5 BIG-IP TMUI command injection [CVE-2018-15327]🔒
126364F5 BIG-IP APM CRLDP Auth Access Policy Agent certificate validation🔒
126363F5 BIG-IP iControl/TMSH resource consumption [CVE-2018-15325]🔒
126362F5 BIG-IP APM APM Portal Access input validation [CVE-2018-15324]🔒
126361F5 BIG-IP TMM input validation [CVE-2018-15323]🔒
126360F5 BIG-IP tmsh var access control🔒
126359F5 BIG-IP Appliance Mode access control [CVE-2018-15321]🔒
126358F5 BIG-IP access control [CVE-2018-15320]🔒
126357F5 BIG-IP TMM input validation [CVE-2018-15319]🔒
126356F5 BIG-IP MPTCP Connection input validation [CVE-2018-15318]🔒
126355F5 BIG-IP SSL Virtual Server cryptographic issues [CVE-2018-15317]🔒
126354Red Hat GlusterFS snprintf format string🔒
126353Red Hat GlusterFS setxattr(2) resource consumption🔒
126352Red Hat GlusterFS input validation [CVE-2018-14654]🔒
126351Red Hat GlusterFS __server_getspec memory corruption🔒
126350Red Hat GlusterFS pl_getxattr memory corruption🔒
126349Red Hat GlusterFS Incomplete Fix link following [CVE-2018-14651]🔒
126348Synology Photo Station SYNO.PhotoStation.Auth session fixiation
126347Synology DiskStation Manager SYNO.Core.ACL information disclosure
126346Apache Tomcat Path path traversal [CVE-2018-11759]🔒
126345Red Hat JBoss BPM Suite Dashbuilder Controller Reflected cross site scripting
126344libexif MNOTE Entry Parser integer overflow [CVE-2016-6328]🔒🔒
126343cfme Control File Import code injection [CVE-2016-5402]
126342Redis Permission access control [CVE-2016-2121]
126341Apple macOS WiFi input validation [CVE-2018-4368]🔒
126340Apple macOS Symptom Framework out-of-bounds read [CVE-2018-4203]🔒
126339Apple macOS Spotlight memory corruption [CVE-2018-4393]🔒
126338Apple macOS Security input validation [CVE-2018-4395]🔒
126337Apple macOS Security input validation [CVE-2018-4400]🔒
126336Apple macOS Ruby path traversal [CVE-2018-8780]🔒🔒
126335Apple macOS Ruby input validation [CVE-2018-8779]🔒🔒
126334Apple macOS Ruby format string [CVE-2018-8778]🔒🔒
126333Apple macOS Ruby resource consumption [CVE-2018-8777]🔒🔒
126332Apple macOS Ruby path traversal [CVE-2018-6914]🔒🔒
126331Apple macOS Ruby response splitting [CVE-2017-17742]🔒🔒
126330Apple macOS Ruby os command injection [CVE-2017-17405]🔒🔒
126329Apple macOS Ruby memory corruption [CVE-2017-14064]🔒🔒
126328Apple macOS Ruby memory corruption [CVE-2017-14033]🔒🔒
126327Apple macOS Ruby improper authentication [CVE-2017-10784]🔒🔒
126326Apple macOS Ruby format string [CVE-2017-0898]🔒🔒
126325Apple macOS Perl memory corruption [CVE-2018-6797]🔒🔒
126324Apple macOS NetworkExtension input validation [CVE-2018-4369]🔒
126323Apple macOS Microcode information disclosure [CVE-2018-3640]🔒
126322Apple macOS MediaRemote privileges management [CVE-2018-4310]🔒
126321Apple macOS mDNSOffloadUserClient memory corruption [CVE-2018-4326]🔒
126320Apple macOS Mail input validation [CVE-2018-4389]🔒
126319Apple macOS Login Window input validation [CVE-2018-4348]🔒
126318Apple macOS Kernel memory corruption [CVE-2018-4424]🔒
126317Apple macOS Kernel memory corruption [CVE-2018-4407]🔒🔒
126316Apple macOS Kernel memory corruption [CVE-2018-4413]🔒
126315Apple macOS Kernel memory corruption [CVE-2018-4291]🔒
126314Apple macOS Kernel memory corruption [CVE-2018-4288]🔒
126313Apple macOS Kernel memory corruption [CVE-2018-4287]🔒
126312Apple macOS Kernel memory corruption [CVE-2018-4286]🔒
126311Apple macOS Kernel memory corruption [CVE-2018-4259]🔒
126310Apple macOS Kernel memory corruption [CVE-2018-4425]🔒
126309Apple macOS Kernel memory corruption [CVE-2018-4419]🔒
126308Apple macOS Kernel memory corruption [CVE-2018-4340]🔒
126307Apple macOS Kernel input validation [CVE-2018-4399]🔒
126306Apple macOS Kernel memory corruption [CVE-2018-4420]🔒
126305Apple macOS IPSec out-of-bounds read [CVE-2018-4371]🔒
126304Apple macOS IOUserEthernet memory corruption [CVE-2018-4401]🔒
126303Apple macOS IOKit memory corruption [CVE-2018-4354]🔒
126302Apple macOS IOKit memory corruption [CVE-2018-4341]🔒
126301Apple macOS IOKit memory corruption [CVE-2018-4402]🔒
126300Apple macOS IOHIDFamily memory corruption [CVE-2018-4408]🔒
126299Apple macOS IOGraphics memory corruption [CVE-2018-4422]🔒
126298Apple macOS Intel Graphics Driver memory corruption [CVE-2018-4350]🔒
126297Apple macOS Intel Graphics Driver input validation [CVE-2018-4418]🔒
126296Apple macOS Intel Graphics Driver input validation [CVE-2018-4396]🔒
126295Apple macOS Intel Graphics Driver memory corruption [CVE-2018-4334]🔒
126294Apple macOS ICU memory corruption [CVE-2018-4394]🔒
126293Apple macOS Hypervisor memory corruption [CVE-2018-4242]🔒
126292Apple macOS Hypervisor information disclosure [CVE-2018-3646]🔒
126291Apple macOS Heimdal memory corruption [CVE-2018-4331]🔒
126290Apple macOS Grand Central Dispatch memory corruption [CVE-2018-4426]🔒
126289Apple macOS Foundation input validation [CVE-2018-4304]🔒
126288Apple macOS EFI input validation [CVE-2018-4342]🔒
126287Apple macOS EFI information disclosure [CVE-2018-3639]🔒🔒
126286Apple macOS dyld input validation [CVE-2018-4423]🔒
126285Apple macOS Dock information disclosure [CVE-2018-4403]🔒
126284Apple macOS Dictionary input validation [CVE-2018-4346]🔒
126283Apple macOS CUPS input validation [CVE-2018-4406]🔒
126282Apple macOS CUPS injection [CVE-2018-4153]🔒
126281Apple macOS CoreFoundation memory corruption [CVE-2018-4412]🔒
126280Apple macOS CoreCrypto Prime Number input validation🔒
126279Apple macOS CoreAnimation memory corruption [CVE-2018-4415]🔒
126278Apple macOS CFNetwork memory corruption [CVE-2018-4126]🔒
126277Apple macOS ATS out-of-bounds read [CVE-2018-4308]🔒
126276Apple macOS ATS memory corruption [CVE-2018-4411]🔒
126275Apple macOS APR out-of-bounds read [CVE-2017-12618]🔒🔒
126274Apple macOS APR out-of-bounds read [CVE-2017-12613]🔒🔒
126273Apple macOS AppleGraphicsControl input validation [CVE-2018-4417]🔒
126272Apple macOS AppleGraphicsControl memory corruption [CVE-2018-4410]🔒
126271Apple macOS afpserver input validation [CVE-2018-4295]🔒
126270Apple Safari WebKit memory corruption [CVE-2018-4378]🔒
126269Apple Safari WebKit resource consumption [CVE-2018-4409]🔒
126268Apple Safari WebKit memory corruption [CVE-2018-4416]🔒
126267Apple Safari WebKit memory corruption [CVE-2018-4392]🔒
126266Apple Safari WebKit memory corruption [CVE-2018-4386]🔒
126265Apple Safari WebKit memory corruption [CVE-2018-4382]🔒
126264Apple Safari WebKit memory corruption [CVE-2018-4376]🔒
126263Apple Safari WebKit memory corruption [CVE-2018-4375]🔒
126262Apple Safari WebKit memory corruption [CVE-2018-4373]🔒
126261Apple Safari WebKit memory corruption [CVE-2018-4372]🔒
126260Apple Safari Safari Reader Universal cross site scripting🔒
126259Apple Safari Safari Reader Universal cross site scripting🔒
126258Apple iCloud WebKit memory corruption [CVE-2018-4378]🔒
126257Apple iCloud WebKit resource consumption [CVE-2018-4409]🔒
126256Apple iCloud WebKit memory corruption [CVE-2018-4416]🔒
126255Apple iCloud WebKit memory corruption [CVE-2018-4392]🔒
126254Apple iCloud WebKit memory corruption [CVE-2018-4386]🔒
126253Apple iCloud WebKit memory corruption [CVE-2018-4382]🔒
126252Apple iCloud WebKit memory corruption [CVE-2018-4376]🔒
126251Apple iCloud WebKit memory corruption [CVE-2018-4375]🔒
126250Apple iCloud WebKit memory corruption [CVE-2018-4373]🔒
126249Apple iCloud WebKit memory corruption [CVE-2018-4372]🔒
126248Apple iCloud Safari Reader Universal cross site scripting🔒
126247Apple iCloud Safari Reader Universal cross site scripting🔒
126246Apple iCloud CoreCrypto Prime Number input validation🔒
126245Apple iTunes WebKit memory corruption [CVE-2018-4378]🔒
126244Apple iTunes WebKit resource consumption [CVE-2018-4409]🔒
126243Apple iTunes WebKit memory corruption [CVE-2018-4416]🔒
126242Apple iTunes WebKit memory corruption [CVE-2018-4392]🔒
126241Apple iTunes WebKit memory corruption [CVE-2018-4386]🔒
126240Apple iTunes WebKit memory corruption [CVE-2018-4382]🔒
126239Apple iTunes WebKit memory corruption [CVE-2018-4376]🔒
126238Apple iTunes WebKit memory corruption [CVE-2018-4375]🔒
126237Apple iTunes WebKit memory corruption [CVE-2018-4373]🔒
126236Apple iTunes WebKit memory corruption [CVE-2018-4372]🔒
126235Apple iTunes Safari Reader Universal cross site scripting🔒
126234Apple iTunes Safari Reader Universal cross site scripting🔒
126233Apple iTunes ICU memory corruption [CVE-2018-4394]🔒
126232Apple iTunes CoreCrypto Prime Number input validation🔒
126231Apple watchOS WiFi input validation [CVE-2018-4368]🔒
126230Apple watchOS WebKit memory corruption [CVE-2018-4378]🔒
126229Apple watchOS WebKit memory corruption [CVE-2018-4416]🔒
126228Apple watchOS WebKit memory corruption [CVE-2018-4392]🔒
126227Apple watchOS WebKit memory corruption [CVE-2018-4386]🔒
126226Apple watchOS WebKit memory corruption [CVE-2018-4382]🔒
126225Apple watchOS WebKit memory corruption [CVE-2018-4376]🔒
126224Apple watchOS WebKit memory corruption [CVE-2018-4375]🔒
126223Apple watchOS WebKit memory corruption [CVE-2018-4373]🔒
126222Apple watchOS WebKit memory corruption [CVE-2018-4372]🔒
126221Apple watchOS Security input validation [CVE-2018-4400]🔒
126220Apple watchOS Safari Reader Universal cross site scripting🔒
126219Apple watchOS Safari Reader Universal cross site scripting🔒
126218Apple watchOS NetworkExtension input validation [CVE-2018-4369]🔒
126217Apple watchOS Kernel memory corruption [CVE-2018-4419]🔒
126216Apple watchOS Kernel memory corruption [CVE-2018-4413]🔒
126215Apple watchOS Kernel memory corruption [CVE-2018-4420]🔒
126214Apple watchOS IPSec out-of-bounds read [CVE-2018-4371]🔒
126213Apple watchOS ICU memory corruption [CVE-2018-4394]🔒
126212Apple watchOS CoreCrypto Prime Number input validation🔒
126211Apple watchOS AppleAVD memory corruption [CVE-2018-4384]
126210Apple tvOS WiFi input validation [CVE-2018-4368]🔒
126209Apple tvOS WebKit memory corruption [CVE-2018-4378]🔒
126208Apple tvOS WebKit resource consumption [CVE-2018-4409]🔒
126207Apple tvOS WebKit memory corruption [CVE-2018-4416]🔒
126206Apple tvOS WebKit memory corruption [CVE-2018-4392]🔒
126205Apple tvOS WebKit memory corruption [CVE-2018-4386]🔒
126204Apple tvOS WebKit memory corruption [CVE-2018-4382]🔒
126203Apple tvOS WebKit memory corruption [CVE-2018-4372]🔒
126202Apple tvOS NetworkExtension input validation [CVE-2018-4369]🔒
126201Apple tvOS Kernel memory corruption [CVE-2018-4419]🔒
126200Apple tvOS Kernel memory corruption [CVE-2018-4413]🔒
126199Apple tvOS Kernel memory corruption [CVE-2018-4420]🔒
126198Apple tvOS IPSec out-of-bounds read [CVE-2018-4371]🔒
126197Apple tvOS ICU memory corruption [CVE-2018-4394]🔒
126196Apple tvOS CoreCrypto Prime Number input validation🔒
126195Apple iOS WiFi input validation [CVE-2018-4368]🔒
126194Apple iOS WebKit memory corruption [CVE-2018-4378]🔒
126193Apple iOS WebKit resource consumption [CVE-2018-4409]🔒
126192Apple iOS WebKit memory corruption [CVE-2018-4416]🔒
126191Apple iOS WebKit memory corruption [CVE-2018-4392]🔒
126190Apple iOS WebKit memory corruption [CVE-2018-4386]🔒
126189Apple iOS WebKit memory corruption [CVE-2018-4382]🔒
126188Apple iOS WebKit memory corruption [CVE-2018-4376]🔒
126187Apple iOS WebKit memory corruption [CVE-2018-4375]🔒
126186Apple iOS WebKit memory corruption [CVE-2018-4373]🔒
126185Apple iOS WebKit memory corruption [CVE-2018-4372]🔒
126184Apple iOS WebKit Address input validation
126183Apple iOS VoiceOver information disclosure [CVE-2018-4387]
126182Apple iOS Security input validation [CVE-2018-4400]🔒
126181Apple iOS Safari Reader Universal cross site scripting🔒
126180Apple iOS Safari Reader Universal cross site scripting🔒
126179Apple iOS Notes Lock Screen information disclosure
126178Apple iOS NetworkExtension input validation [CVE-2018-4369]🔒
126177Apple iOS Messages authentication spoofing [CVE-2018-4391]
126176Apple iOS Messages authentication spoofing [CVE-2018-4390]
126175Apple iOS Kernel memory corruption [CVE-2018-4419]🔒
126174Apple iOS Kernel memory corruption [CVE-2018-4413]🔒
126173Apple iOS Kernel memory corruption [CVE-2018-4420]🔒
126172Apple iOS IPSec out-of-bounds read [CVE-2018-4371]🔒
126171Apple iOS IOHIDFamily memory corruption [CVE-2018-4427]🔒
126170Apple iOS ICU memory corruption [CVE-2018-4394]🔒
126169Apple iOS Graphics Driver memory corruption [CVE-2018-4384]
126168Apple iOS FaceTime memory corruption [CVE-2018-4367]
126167Apple iOS FaceTime memory corruption [CVE-2018-4366]
126166Apple iOS CoreCrypto Prime Number input validation🔒
126165Apple iOS Contacts out-of-bounds read [CVE-2018-4365]
126164Apple iOS AppleAVD memory corruption [CVE-2018-4384]
126163VGo Robot Firmware Credentials credentials management
126162Octopus Deploy YAML Config input validation [CVE-2018-18850]
126161Z-BlogPHP theme.js.php cross-site request forgery
126160SEMCMS PHP cross site scripting [CVE-2018-18841]
126159SEMCMS PHP cross site scripting [CVE-2018-18840]
126158DocCms Template File changeskin.php upload_template code injection
126157libIEC61850 ber_encoder.c BerEncoder_encodeOctetString memory corruption
126156DKCMS Cookie check.asp sql injection
126155MCMS GeneraterAction.java path traversal
126154MCMS File Upload FileAction.java unrestricted upload
126153libav AAC File vc1.c ff_vc1_parse_frame_header_adv null pointer dereference
126152libav AAC File vc1_block.c vc1_decode_i_block_adv memory corruption
126151libav AAC File vc1_block.c ff_vc1_pred_dc out-of-bounds read
126150libav AAC File vc1_block.c memory corruption
126149Pagoda Linux Panel Verification Code cross site scripting [CVE-2018-18825]
126148Grapixel New Media pages.aspx sql injection
126147Linux Kernel mremap input validation🔒
126146VGo Robot XAMPP improper authorization [CVE-2018-17933]
126145VGo Robot access control [CVE-2018-17931]
126144MantisBT Edit Filter Page manage_filter_edit_page.php cross site scripting
126143MantisBT Filters Page manage_filter_page.php cross site scripting
126142Merge Package merge.recursive input validation
126141Loofah Gem SVG Javascript cross site scripting🔒
126140Nextcloud Server Check improper authentication [CVE-2018-16467]
126139Nextcloud Server Access Restriction access control [CVE-2018-16466]
126138Nextcloud Server Second Factor improper authentication [CVE-2018-16465]
126137Nextcloud Server Access Check improper authentication [CVE-2018-16464]
126136Nextcloud Server Session session fixiation [CVE-2018-16463]
126135apex-publish-static-files command injection [CVE-2018-16462]
126134libnmapp Range Option command injection [CVE-2018-16461]
126133Tenda AC7/AC9/AC10 setUsbUnload dosystemCmd command injection
126132ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access control
126131ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys input validation
126130ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access control
126129ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access control
126128EE 4GEE HH70 SSH core_app hard-coded credentials
126127OpenSSL DSA Signature key management [CVE-2018-0734]🔒
126126BitDefender GravityZone VMware Appliance access control [CVE-2017-8931]
126125Interactive Advertising Bureau OpenRTB access control [CVE-2015-7266]
126124python-kdcproxy POST Request input validation [CVE-2015-5159]🔒
126123Leostream Agent API Registry access control
126122PlaySMS Daemon access control [CVE-2018-18387]
126121Advantech WebAccess memory corruption [CVE-2018-17910]
126120Advantech WebAccess Access Control access control [CVE-2018-17908]
126119Foxit PhantomPDF fxhtml2pdf memory corruption [CVE-2018-17706]
126118IBM WebSphere Application Server Cachemonitor cross site scripting
126117IBM Team Concert Web UI cross site scripting [CVE-2018-1766]
126116Foxit Reader use after free [CVE-2018-17624]
126115Foxit Reader use after free [CVE-2018-17623]
126114Foxit Reader information disclosure [CVE-2018-17622]
126113Foxit Reader use after free [CVE-2018-17621]
126112Foxit Reader use after free [CVE-2018-17620]
126111Foxit Reader use after free [CVE-2018-17619]
126110Foxit Reader use after free [CVE-2018-17618]
126109Foxit Reader use after free [CVE-2018-17617]
126108Foxit Reader use after free [CVE-2018-17616]
126107Foxit Reader use after free [CVE-2018-17615]
126106IBM InfoSphere Master Data Management Collaboration Server information disclosure
126105Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11884]
126104Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11882]
126103Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11880]
126102Qualcomm Snapdragon Mobile integer overflow [CVE-2018-11879]
126101Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11877]
126100Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11876]
126099Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11875]
126098Qualcomm Snapdragon Mobile NDP Connection memory corruption [CVE-2018-11874]
126097Qualcomm Snapdragon Mobile WLAN input validation [CVE-2018-11873]
126096Qualcomm Snapdragon Mobile WLAN input validation [CVE-2018-11872]
126095Qualcomm Snapdragon Automobile WLAN memory corruption [CVE-2018-11871]
126094Qualcomm Snapdragon Automobile Legacy Rate Count memory corruption
126093Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11867]
126092Qualcomm Snapdragon Mobile WLAN integer overflow [CVE-2018-11866]
126091Qualcomm Snapdragon Mobile Structure Size Calculation integer overflow
126090Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11862]
126089Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11861]
126088Qualcomm Snapdragon Mobile WLAN memory corruption [CVE-2018-11859]
126087Qualcomm Snapdragon Mobile IE Set Command memory corruption [CVE-2018-11858]
126086Qualcomm Snapdragon Mobile WLAN Encryption Module memory corruption
126085Qualcomm Snapdragon Mobile WMI Command memory corruption [CVE-2018-11856]
126084Google Android Linux Kernel out-of-bounds read [CVE-2017-18281]
126083zzcms Cookie zs_list.php sql injection
126082zzcms Cookie search.php sql injection
126081zzcms Cookie special_add.php sql injection
126080zzcms top.php sql injection
126079zzcms classmanage.php sql injection
126078zzcms Cookie zs.php sql injection
126077zzcms Cookie zs.php sql injection
126076zzcms Cookie subzs.php sql injection
126075zzcms tagmanage.php sql injection
126074SEMCMS cross site scripting [CVE-2018-18783]
126073DeDeCMS myfriend.php Reflected cross site scripting
126072DeDeCMS uploads_select.php cross site scripting
126071Acme mini_httpd information disclosure [CVE-2018-18778]
126070LuLu CMS DefaultController.php unrestricted upload
126069Cesanta Mongoose MQTT Parser mg_mqtt_next_subscribe_topic out-of-bounds read
126068Cesanta Mongoose MQTT Parser parse_mqtt out-of-bounds read
126067ZyXEL VMG3312-B10B default.cfg credentials management
126066Typecho server-side request forgery [CVE-2018-18753]
126065Webiness Inventory WsSaveToModel.php unrestricted upload [CVE-2018-18752]
126064GNU gettext read-catalog.c default_add_message double free🔒
126063data-tools write_wchars integer overflow
126062Sandboxie Sandbox os.system("cmd") input validation
126061SEMCMS Edit cross site scripting [CVE-2018-18745]
126060SEMCMS Textbox SEMCMS_Main.php cross site scripting
126059SEMCMS cross site scripting [CVE-2018-18743]
126058SEMCMS cross-site request forgery [CVE-2018-18742]
126057SEMCMS Edit cross site scripting [CVE-2018-18741]
126056SEMCMS cross site scripting [CVE-2018-18740]
126055SEMCMS cross site scripting [CVE-2018-18739]
126054SEMCMS cross site scripting [CVE-2018-18738]
126053Douchat notify.php simplexml_load_string xml external entity reference
126052Catfish Blog Source Code cross site scripting [CVE-2018-18736]
126051Catfish Blog tiquan cross-site request forgery
126050Catfish CMS addmanageuser.html cross-site request forgery
126049Catfish CMS Source Code cross site scripting [CVE-2018-18733]
126048Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18732]
126047Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18731]
126046Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18730]
126045Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18729]
126044Tenda AC9/AC18 POST Request __fastcall command injection
126043Tenda AC7/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18727]
126042YUNUCMS cross site scripting [CVE-2018-18726]
126041YUNUCMS cross site scripting [CVE-2018-18725]
126040YUNUCMS cross site scripting [CVE-2018-18724]
126039YUNUCMS 110000 cross site scripting
126038YUNUCMS cross site scripting [CVE-2018-18722]
126037YUNUCMS cross site scripting [CVE-2018-18721]
126036YUNUCMS basic cross site scripting
126035gThumb dlg-contact-sheet.c add_themes_from_dir double free🔒
126034Eleanor CMS ajax.php cross site scripting
126033PHPYun database.class.php down_sql_action path traversal
126032WUZHI CMS cross-site request forgery [CVE-2018-18712]
126031WUZHI CMS cross-site request forgery [CVE-2018-18711]
126030Linux Kernel cdrom.c cdrom_ioctl_select_disc Kernel Memory information disclosure🔒
126029Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18709]
126028Tenda AC7/AC9/AC10/AC15/AC18 Web Server fromAddressNat memory corruption
126027Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-18707]
126026Tenda AC7/AC9/AC10/AC15/AC18 Web Server fromDhcpListClient memory corruption
126025PhpTpoint Hospital Management System index.php sql injection
126024PhpTpoint Pharmacy Management System index.php sql injection
126023PhpTpoint Mailing Server Using File Handling Login Page home.php path traversal
126022iCMS spider.admincp.php sql injection
126021GNU binutils GNU libiberty cp-demangle.c next_is_type_qual resource consumption
126020GNU binutils GNU libiberty cp-demangle.c d_local_name resource consumption
126019GoPro gpmf-parser GPMF_mp4reader.c OpenMP4Source out-of-bounds write
126018Monstra CMS Stored cross site scripting [CVE-2018-18694]
126017OpenSSL ECDSA key management [CVE-2018-0735]🔒
126016ProjectSend actions.log.export.php improper authorization
126015ProjectSend process-zip-download.php path traversal
126014ProjectSend users.php improper authentication
126013ProjectSend manage-files.php sql injection
126012Linux Kernel XFS File System xfs_attr.c data processing🔒
126011HPE Windows Firmware Installer information disclosure [CVE-2018-7112]
126010Ubuntu Linux Kernel information disclosure [CVE-2018-6559]🔒
126009Qualcomm Snapdragon Mobile/Snapdragon Wear TZ array index [CVE-2018-5914]
126008Qualcomm Snapdragon Mobile/Snapdragon Wear Log memory corruption
126007MKVToolNix MKVINFO MKV use after free [CVE-2018-4022]🔒
126006Qualcomm Snapdragon Automobile Access Control access control
126005Artifex MuPDF font.c fz_run_t3_glyph out-of-bounds read🔒
126004LibTIFF tif_lzw.c LZWDecode null pointer dereference🔒
126003Arcserve Unified Data Protection domain.jsp Reflected cross site scripting
126002Arcserve Unified Data Protection UdpHttpService xml external entity reference
126001Arcserve Updates Data Protection FullUpdateSettings.xml information disclosure
126000Arcserve Unified Data Protection EdgeServiceImpl information disclosure
125999PureVPN Client login.conf Credentials credentials management
125998systemd dhcp6 Client memory corruption [CVE-2018-15688]🔒
125997systemd chown_one race condition🔒
125996systemd unit_deserialize deserialization🔒
125995Qualcomm Snapdragon Mobile Core module access control [CVE-2018-11951]
125994Qualcomm Snapdragon Mobile TrustZone input validation [CVE-2018-11950]
125993Qualcomm Snapdragon Mobile Length memory corruption [CVE-2018-11854]
125992Qualcomm Snapdragon Mobile/Snapdragon Wear Channel memory corruption
125991Qualcomm Snapdragon Automobile memory corruption [CVE-2018-11850]
125990Qualcomm Snapdragon Automobile bssid Parameter memory corruption
125989Qualcomm Snapdragon Mobile Memory Comparison information disclosure
125988Qualcomm Snapdragon Mobile FW resource consumption [CVE-2018-11828]
125987Qualcomm Snapdragon Mobile/Snapdragon Wear memory corruption
125986Qualcomm Snapdragon Mobile integer overflow [CVE-2018-11822]
125985Qualcomm Snapdragon Mobile/Snapdragon Wear WLAN integer overflow
125984Qualcomm Snapdragon Automobile FDAL Message use after free [CVE-2018-11305]
125983Qualcomm Snapdragon Automobile XPU Master access control [CVE-2017-18311]
125982Qualcomm Snapdragon Automobile ClientEnv access control [CVE-2017-18310]
125981Qualcomm Snapdragon Mobile QMP Transportation array index [CVE-2017-18309]
125980Qualcomm Snapdragon Mobile/Snapdragon Wear Modem Segment access control
125979Qualcomm Snapdragon Automobile Secure Boot memory corruption
125978Prayer List Module Username information disclosure [CVE-2018-18655]
125977Crossroads Build tmp access control
125976Ubuntu Linux UEFI Secure Boot module.c access control🔒
125975Mozilla Firefox memory corruption [CVE-2018-12390]🔒
125974Mozilla Firefox memory corruption [CVE-2018-12389]🔒
125973Mozilla Firefox memory corruption [CVE-2018-12388]🔒
125972Mozilla Firefox HTTP Warning 7pk security🔒
125971Mozilla Firefox Cookie origin validation [CVE-2018-12402]🔒
125970Mozilla Firefox URL Parser input validation [CVE-2018-12401]🔒
125969Mozilla Firefox Cache information disclosure [CVE-2018-12400]🔒
125968Mozilla Firefox Protocol Registration Notification Bar improper authentication🔒
125967Mozilla Firefox CSS Content Security Policy privileges management🔒
125966Mozilla Firefox WebExtension information disclosure [CVE-2018-12397]🔒
125965Mozilla Firefox WebExtension permission assignment [CVE-2018-12396]🔒
125964Mozilla Firefox WebExtension privileges management [CVE-2018-12395]🔒
125963Mozilla Firefox Unicode Converter out-of-bounds write [CVE-2018-12393]🔒
125962Mozilla Firefox Nested Event infinite loop [CVE-2018-12392]🔒
125961Mozilla Firefox HTTP Live Streaming 7pk security [CVE-2018-12391]🔒
125960Sophos HitmanPro.Alert IOCTL Handler Function write-what-where condition
125959Sophos HitmanPro.Alert IOCTL Handler Function information disclosure
125958Veritas NetBackup Appliance input validation [CVE-2018-18652]
125957Foo Labs Xpdf PDF File AcroForm.cc catalog->getNumPages resource management
125956Foo Labs Xpdf PDF File XRef.cc readXRefStream integer overflow
125955Reliance 4 SCADA/HMI cross site scripting [CVE-2018-17904]
125954X.org X11 Server Permission Check access control [CVE-2018-14665]🔒
125953Eaton UPS 9PX 8000 SP Administration Panel cross-site request forgery
125952Eaton UPS 9PX 8000 SP SNMP Password credentials management [CVE-2018-9280]
125951Eaton UPS 9PX 8000 SP Web Page credentials management [CVE-2018-9279]
125950BitDefender GravityZone Installer signature verification [CVE-2018-8955]
125949Neato Botvac Connected Setup API initialize command injection
125948D-Link DSL-2640T webcm cross site scripting
125947MailCleaner CE Administration Login Interface UserController.php cross site scripting
125946Communigate Pro Pronto! Mail Composer Stored cross site scripting
125945Polycom VVX 500/VVX 601 X.509 Certificate Validation certificate validation
125944AudioCodes 440HD/450HD X.509 Certificate Validation certificate validation
125943Polycom VVX 500/VVX 601 SIP Service information disclosure [CVE-2018-18566]
125942ServersCheck Monitoring Software lnk File path traversal [CVE-2018-18552]
125941ServersCheck Monitoring Software cross site scripting [CVE-2018-18551]
125940ajenti ajenticp cross site scripting [CVE-2018-18548]
125939Vesta Control Panel cross site scripting [CVE-2018-18547]
125938Citrix Netscaler Gateway cross site scripting [CVE-2018-18517]🔒
125937mysql-binuuid-rails Database Column sql injection [CVE-2018-18476]
125936Citrix Xen Mobile Configuration Service access control [CVE-2018-18014]
125935Citrix Xen Mobile Service Port 5001 deserialization [CVE-2018-18013]
125934Telecrane F25 Series Radio Controls 7pk security [CVE-2018-17935]
125933SAGA1-L8B improper authentication [CVE-2018-17923]
125932SAGA1-L8B Pairing access control [CVE-2018-17921]
125931SAGA1-L8B input validation [CVE-2018-17903]
125930SaltStack Salt salt-api(netapi) improper authentication🔒
125929SaltStack Salt Salt-api path traversal [CVE-2018-15750]🔒
125928Cisco Webex Meetings Desktop App Update Service os command injection🔒
125927IBM WebSphere Commerce Enterprise Web UI cross site scripting
125926Fuji Energy Savings Estimator DLL Loader uncontrolled search path
125925Anda App Server API hard-coded credentials [CVE-2018-13342]
125924Adrenalin HRMS ApplicationtEmployeeSearch Reflected cross site scripting
125923Spark Zinc Server input validation [CVE-2018-11804]
125922Apache Impala ALTER access control [CVE-2018-11792]
125921Apache Impala Queue improper authorization [CVE-2018-11785]
125920Amanda Backup/Restore access control [CVE-2016-10730]
125919Amanda Backup runtar command injection🔒
125918Yammer Desktop App input validation [CVE-2018-8569]
125917Huawei Smart Phone Factory Reset Protection 7pk security [CVE-2018-7911]
125916Splunk Enterprise input validation [CVE-2018-7432]🔒
125915Splunk Enterprise Django App path traversal [CVE-2018-7431]🔒
125914Splunk Enterprise Splunkd input validation [CVE-2018-7429]🔒
125913Splunk Enterprise Web cross site scripting [CVE-2018-7427]🔒
125912Pippo Cookie SerializationSessionDataTranscoder.decode deserialization
125911PHPYun del_action input validation
125910Waimai Super CMS cross site scripting [CVE-2018-18622]
125909DeDeCMS datalistcp.class.php GetPageList cross site scripting
125908GNU binutils libbfd elflink.c elf_link_input_bfd null pointer dereference
125907GNU binutils libbfd merge.c merge_strings null pointer dereference
125906GNU binutils libbfd merge.c sec_merge_hash_lookup memory corruption
125905360 Total Security Import OS os.system("PowerShell") input validation
125904Stegdetect f5.c f5_compress out-of-bounds write
125903Micro Focus Real User Monitoring Software input validation [CVE-2018-18589]
125902BigProf AppGini Password Storage MD5 risky encryption
125901Zoho ManageEngine OpManager File Upload unrestricted upload [CVE-2018-18475]
125900Daniel Gultsch Conversations Message input validation [CVE-2018-18467]
125899Axios Italia Axioscloud Sissiweb Registro Elettronico relogoff.aspx cross site scripting
125898Trend Micro Antivirus KERedirect null pointer dereference
125897Trend Micro Antivirus KERedirect null pointer dereference
125896Trend Micro Antivirus KERedirect null pointer dereference
125895RuletkaIo random weak prng
125894Greedy 599 extcodesize weak prng
125893WiFiRanger Access Control key management [CVE-2018-17873]
125892Citrix SD-WAN/Netscaler SD-WAN Access Control access control
125891Citrix SD-WAN/Netscaler SD-WAN Log File log file [CVE-2018-17447]
125890Citrix SD-WAN/Netscaler SD-WAN sql injection [CVE-2018-17446]
125889Citrix SD-WAN/Netscaler SD-WAN command injection [CVE-2018-17445]
125888Citrix SD-WAN/Netscaler SD-WAN path traversal [CVE-2018-17444]
125887Ansible User Module information disclosure [CVE-2018-16837]🔒
125886Telligent Community Feed RSS Widget cross site scripting [CVE-2018-16235]
125885Mitel MiVoice Office 400 start.asp Reflected cross site scripting
125884Mitel MiVoice 5330e SIP/SDP Packet memory corruption [CVE-2018-15497]
125883Trend Micro Antivirus KERedirect null pointer dereference
125882Trend Micro Antivirus KERedirect use after free
125881Advantech WebAccess access control [CVE-2018-14828]
125880Advantech WebAccess DLL File input validation [CVE-2018-14820]
125879Advantech WebAccess memory corruption [CVE-2018-14816]
125878Advantech WebAccess path traversal [CVE-2018-14806]
125877Atlassian JIRA redirect [CVE-2018-13402]🔒
125876Atlassian JIRA XsrfErrorAction redirect [CVE-2018-13401]🔒
125875Atlassian JIRA Administrative Resource access control [CVE-2018-13400]🔒
125874Mitel ST signin.php Reflected cross site scripting
125873Fastjson rmi:/ URL AjaxApplication.java parseObject input validation
125872Qualcomm Snapdragon Mobile/Snapdragon Wear HLOS access control
125871Qualcomm Snapdragon Automobile/Snapdragon Mobile SafeSwitch improper authorization
125870Qualcomm Snapdragon Mobile/Snapdragon Wear XBL sec mem dump System Call access control
125869Qualcomm Snapdragon Automobile Boot out-of-bounds read [CVE-2017-18304]
125868Qualcomm Snapdragon Automobile Sensor Registry memory corruption
125867Qualcomm Snapdragon Mobile/Snapdragon Wear Secure Display information disclosure
125866Qualcomm Snapdragon Automobile Table Consolidation access control
125865Qualcomm Snapdragon Automobile SDMX API null pointer dereference
125864Qualcomm Snapdragon Mobile TEE SE API Session Management double free
125863Qualcomm Snapdragon Automobile SafeSwitch Service access control
125862Qualcomm Snapdragon Automobile DSP Service memory corruption
125861Qualcomm Snapdragon Automobile ELF Header input validation [CVE-2017-18294]
125860Qualcomm Snapdragon Mobile/Snapdragon Wear GPIO access control
125859Qualcomm Snapdragon Automobile Secure App input validation [CVE-2017-18292]
125858Qualcomm Snapdragon Mobile Read Val Blob Req input validation
125857Qualcomm Snapdragon Mobile/Snapdragon Wear SDCC access control
125856Qualcomm Snapdragon Automobile resource consumption [CVE-2017-18277]
125855Qualcomm Snapdragon Automobile/Snapdragon Mobile System UI integer overflow
125854Qualcomm Snapdragon Mobile GATT Packet input validation [CVE-2017-18171]
125853Qualcomm Snapdragon Mobile Bluetooth Controller integer underflow
125852libmspack chmextract Sample Program chmextract.c path traversal [Disputed]🔒
125851libmspack/cabextract chmd.c chmd_read_headers null pointer dereference🔒
125850libmspack/cabextract CAB Block cab.h out-of-bounds write🔒
125849LuPng lupng.c insertByte memory corruption
125848LuPng lupng.c insertByte memory corruption
125847LuPng lupng.c internalPrintf memory corruption
125846DeDeCMS pm.php Reflected cross site scripting
125845DeDeCMS qrcode.php cross site scripting
125844Linux Kernel Multithreading race condition [CVE-2018-18559]🔒
125843LibTIFF JBIG tif_jbig.c JBIGDecode out-of-bounds write🔒
125842IBM Security Access Manager Appliance Advanced Access Control access control
125841Advantech WebAccess opcImg.asp memory corruption
125840Advantech WebAccess Reflected cross site scripting [CVE-2018-15703]
125839KERUI Wifi Endoscope Camera YPC99 Camera Stream input validation
125838KERUI Wifi Endoscope Camera YPC99 input validation [CVE-2018-13114]
125837Symantec Web Isolation Javascript Reflected cross site scripting
125836Discuz! Background Database Backup input validation [CVE-2018-14729]
125835Leanote Blog Basic Setting Title cross site scripting [CVE-2018-18553]
125834ServersCheck Monitoring Software sql injection [CVE-2018-18550]
125833ThinkPHP Driver.class.php parseOrder sql injection
125832Fiyo CMS edit_user.php cross site scripting
125831ImageMagick msl.c WriteMSLImage resource management🔒
125830Teeworlds Connection Packet input validation [CVE-2018-18541]🔒
125829TeaKKi Picture URL cross site scripting [CVE-2018-18540]
125828LIVE555 RTSP Server HTTP Packet Parser memory corruption [CVE-2018-4013]🔒
125827kaptcha Captcha DefaultTextCreator.java Random random values
125826ThinkPHP Query.php aggregate sql injection
125825ThinkPHP Mysql.class.php parseKey sql injection
125824OwnTicket sql injection [CVE-2018-18527]
125823elfutils ELF File arlib.c arlib_add_symbols divide by zero🔒
125822elfutils libelf size.c elf_end memory corruption🔒
125821QEMU IOReadHandler integer overflow [CVE-2018-18438]🔒
125820TP-LINK TL-SC3130 RTSP Stream image.jpg information disclosure
125819Zenario Content Management System cross-site request forgery
125818ARDAWAN.COM User Management JPG File Name Stored cross site scripting
125817Ekushey Project Manager CRM create Stored cross site scripting
125816LANGO Codeigniter Multilingual Script Upload update cross site scripting
125815Xfce Thunar IBus-Unikey out-of-bounds read [CVE-2018-18398]
125814Moxa ThingsPro command injection [CVE-2018-18396]
125813Moxa ThingsPro Token access control [CVE-2018-18395]
125812Moxa ThingsPro IIoT Gateway/Device Management information disclosure
125811Moxa ThingsPro IIoT Gateway/Device Management Password Management credentials management
125810Moxa ThingsPro IIoT Gateway/Device Management Access Control access control
125809Moxa ThingsPro IIoT Gateway/Device Management access control
125808Moxa ThingsPro IIoT Gateway/Device Management User information disclosure
125807BigTree CMS admin.php session fixiation
125806Artifex Ghostscript Sandbox Protection Mechanism 7pk security🔒
125805IObit Malware Fighter IMFCameraProtect.sys memory corruption
125804F5 BIG-IP APM Edge Client 7pk security [CVE-2018-15316]🔒
125803F5 BIG-IP Configuration Utility Page Reflected cross site scripting🔒
125802F5 BIG-IP AFM TMUI Reflected cross site scripting🔒
125801F5 BIG-IP AFM TMUI Reflected cross site scripting🔒
125800F5 BIG-IP Configuration Utility Reflected cross site scripting🔒
125799SV3C L-SERIES HD CAMERA Web Interface redirect [CVE-2018-12675]
125798SV3C L-SERIES HD CAMERA Cookie credentials management [CVE-2018-12674]
125797SV3C L-SERIES HD CAMERA Web Interface Technical information disclosure
125796SV3C L-SERIES HD CAMERA cross site scripting [CVE-2018-12672]
125795SV3C L-SERIES HD CAMERA Password information disclosure [CVE-2018-12671]
125794SV3C L-SERIES HD CAMERA os command injection [CVE-2018-12670]
125793SV3C L-SERIES HD CAMERA param.cgi improper authorization
125792SV3C L-SERIES HD CAMERA hard-coded credentials [CVE-2018-12668]
125791SV3C L-SERIES HD CAMERA CGI Script improper authentication [CVE-2018-12667]
125790SV3C L-SERIES HD CAMERA improper authentication [CVE-2018-12666]
125789Splunk Enterprise splunk-launch.conf access control
125788Mozilla Firefox/Thunderbird memory corruption [CVE-2018-5188]🔒
125787Mozilla Firefox/Thunderbird memory corruption [CVE-2018-5187]🔒
125786Gxlcms dataaction.class.php sql injection
125785Gxlcms Database Backup dataaction.class.php mt_rand information disclosure
125784PHPSHE sql injection [CVE-2018-18486]
125783PHPSHE path traversal [CVE-2018-18485]
125782GNU binutils GNU libiberty cp-demangle.c resource consumption
125781GNU binutils GNU libiberty cplus-dem.c get_count integer overflow
125780libpg_query pg_query_parse.c pg_query_raw_parse resource management
125779libopencad io.cpp ReadCHAR out-of-bounds read
125778libopencad io.cpp ReadMCHAR out-of-bounds read
125777LibreNMS ajax_form.php Persistent cross site scripting
125776IBM FlashSystem 900 GUI improper authentication [CVE-2018-1822]
125775Dell EMC Secure Remote Services Log information disclosure [CVE-2018-15765]
IDTitleNessusOpenVASSnortSuricataTippingPoint
125774Spring Security OAuth access control [CVE-2018-15758]
125773Spring Framework Range resource management [CVE-2018-15756]
125772IBM InfoSphere Information Server Password Encryption inadequate encryption
125771Opto 22 PAC Control Basic/PAC Control Professional memory corruption
125770Mozilla Firefox JIT Compiler input validation [CVE-2018-12387]🔒
125769Mozilla Firefox Javascript type conversion [CVE-2018-12386]🔒
125768Mozilla Firefox/Thunderbird TransportSecurityInfo input validation🔒
125767Mozilla Firefox Password Save information disclosure [CVE-2018-12383]🔒
125766Mozilla Firefox Address Bar input validation [CVE-2018-12382]🔒
125765Mozilla Firefox Outlook Email Message Drag / Drop 7pk security🔒
125764Mozilla Thunderbird Mozilla Updater out-of-bounds write [CVE-2018-12379]🔒
125763Mozilla Firefox/Thunderbird IndexDB Index Delete use after free🔒
125762Mozilla Thunderbird Refresh Driver Timer use after free [CVE-2018-12377]🔒
125761Mozilla Firefox memory corruption [CVE-2018-12376]🔒
125760Mozilla Firefox memory corruption [CVE-2018-12375]🔒
125759Mozilla Thunderbird Text Input Leak information disclosure🔒
125758Mozilla Thunderbird SMIME Leak information disclosure🔒
125757Mozilla Thunderbird SMIME Message Leak information disclosure🔒
125756Dell EMC Secure Remote Services File Permission access control
125755Dell EMC Secure Remote Services Password Storage Credentials credentials management
125754Mozilla Firefox DOM windows.create ReplaceOrInsertBefore use after free🔒🔒
125753koha opac-tags_subject.pl sql injection
125752koha search path traversal
125751koha opac-search.pl cross site scripting
125750koha memberentry.pl cross-site request forgery
125749Arigato Autoresponder/Newsletter attachment.php code injection
125748wp-live-chat-support Plugin gdpr.php cross site scripting
125747Foo Labs Xpdf PDF File Stream.cc getBlock null pointer dereference
125746Foo Labs Xpdf PDF File Stream.cc decodeImage null pointer dereference
125745Foo Labs Xpdf PDF File Stream.cc readScan null pointer dereference
125744Foo Labs Xpdf PDF File Object.h isName out-of-bounds read
125743Foo Labs Xpdf PDF File GfxState.cc GfxImageColorMap out-of-bounds read
125742Foo Labs Xpdf PDF File Stream.cc readRow memory corruption
125741PbootCMS SingleController.php sql injection
125740Linux Kernel BPF Verifier verifier.c adjust_scalar_min_max_vals out-of-bounds read🔒
125739OpenEXR makeMultiView.cpp exrmultiview out-of-bounds write
125738OpenEXR IlmThreadPool.cpp ThreadPool resource management
125737Linux Kernel Pseudo Terminal n_tty.c type conversion🔒
125736Adobe Technical Communications Suite Library Loader uncontrolled search path
125735Adobe Framemaker Library Loader untrusted search path [CVE-2018-15974]🔒
125734Adobe Experience Manager Stored cross site scripting [CVE-2018-15973]
125733Adobe Experience Manager Stored cross site scripting [CVE-2018-15972]
125732Adobe Experience Manager Reflected cross site scripting [CVE-2018-15971]
125731Adobe Experience Manager Reflected cross site scripting [CVE-2018-15970]
125730Adobe Experience Manager Stored cross site scripting [CVE-2018-15969]
125729Avaya Aura System Platform Web UI deserialization [CVE-2018-15616]
125728Cisco Prime Collaboration Assurance Web-based Management Interface cross-site request forgery
125727Cisco SocialMiner Web-based Management Interface Stored cross site scripting
125726Cisco Enterprise NFV Infrastructure Software Management Interface cross-site request forgery
125725Cisco Wireless LAN Controller TrustSec Domain privileges management
125724CA Identity Governance Username information disclosure [CVE-2018-14597]
125723Adobe Digital Editions memory corruption [CVE-2018-12823]🔒
125722Adobe Digital Editions use after free [CVE-2018-12822]🔒
125721Adobe Digital Editions out-of-bounds read [CVE-2018-12821]🔒
125720Adobe Digital Editions out-of-bounds read [CVE-2018-12820]🔒
125719Adobe Digital Editions out-of-bounds read [CVE-2018-12819]🔒
125718Adobe Digital Editions out-of-bounds read [CVE-2018-12818]🔒
125717Adobe Digital Editions out-of-bounds read [CVE-2018-12816]🔒
125716Adobe Digital Editions memory corruption [CVE-2018-12814]🔒
125715Adobe Digital Editions memory corruption [CVE-2018-12813]🔒
125714Cisco NX-OS SNMP input validation [CVE-2018-0456]🔒
125713Cisco Wireless LAN Controller CAPWAP resource management [CVE-2018-0443]🔒
125712Cisco Wireless LAN Controller CAPWAP information disclosure [CVE-2018-0442]🔒
125711Cisco IOS Access Point 802.11r Fast Transition resource consumption🔒
125710Cisco Wireless LAN Controller Software Web-based Interface path traversal
125709Cisco Wireless LAN Controller TACACS access control [CVE-2018-0417]🔒
125708Cisco Wireless LAN Controller Web-based Interface input validation
125707Cisco FXOS LLDP input validation [CVE-2018-0395]
125706Cisco Wireless LAN Controller Web-based Interface cross site scripting
125705Cisco Aironet Watchdog Timer resource consumption [CVE-2018-0381]
125704Cisco NX-OS Precision Time Protocol input validation [CVE-2018-0378]
125703Huawei Mate 10 Pro App Lock Password improper authentication
125702Huawei Anne-AL00 USB Interface information disclosure [CVE-2018-7924]
125701HPE UIoT DSM Portal access control [CVE-2018-7111]
125700HPE Service Governance Framework race condition [CVE-2018-7110]
125699HPE Intelligent Management Center improper authentication [CVE-2018-7076]
125698Linksys E1200/E2500 Network Configuration apply.cgi os command injection
125697Linksys E1200/E2500 Web Portal apply.cgi machine_name os command injection
125696Linksys E1200/E2500 Web Portal apply.cgi start_lltd os command injection
125695JTBC(PHP) cross-site request forgery [CVE-2018-18436]
125694litemall WxStorageController.java path traversal
125693DESTOON B2B category.inc.php cross site scripting
125692DESTOON B2B admin.php cross-site request forgery
125691DESTOON B2B cross site scripting [CVE-2018-18431]
125690DESTOON B2B setting.inc.php cross site scripting
125689S-Cms post.php sql injection
125688S-Cms robots.php code injection
125687UsualToolCMS cross-site request forgery [CVE-2018-18422]
125686tcpflow iptree.h setbit out-of-bounds read
125685tcpreplay tcpbridge tcpbridge.c post_args use after free🔒
125684tcpreplay tcpreplay-edit incremental_checksum.h csum_replace4 out-of-bounds read🔒
125683Support Board - Chat And Help Desk Plugin File Upload admin-ajax.php Stored cross site scripting
125682KAASoft Library CMS - Powerful Book Management System Stored cross site scripting
125681Zoho ManageEngine OpManager cross site scripting [CVE-2018-18262]
125680Aryanic HighPortal Add Tags cross site scripting [CVE-2018-17964]
125679LAquis SCADA memory corruption [CVE-2018-17911]
125678LAquis SCADA Project File out-of-bounds write [CVE-2018-17901]
125677LAquis SCADA path traversal [CVE-2018-17899]
125676LAquis SCADA integer overflow [CVE-2018-17897]
125675LAquis SCADA out-of-bounds read [CVE-2018-17895]
125674LAquis SCADA null pointer dereference [CVE-2018-17893]
125673IPFire Firewall backup.cgi command injection
125672vBulletin redirect [CVE-2018-15493]
125670D-Link DWR-111 0 information disclosure
125669D-Link DWR-116/DWR-512/DWR-712/DWR-912/DWR-921/DWR-111 chkisg.htm command injection
125668D-Link DWR-111 Web Interface path traversal [CVE-2018-10822]
125667Huawei Mate 9/Mate 9 Pro Hardware Security Module access control
125666Oracle VM VirtualBox OpenSSL key management [CVE-2018-0732]🔒
125665Oracle VM VirtualBox access control [CVE-2018-3287]🔒
125664Oracle VM VirtualBox access control [CVE-2018-3295]🔒
125663Oracle VM VirtualBox access control [CVE-2018-3293]🔒
125662Oracle VM VirtualBox access control [CVE-2018-3292]🔒
125661Oracle VM VirtualBox access control [CVE-2018-3291]🔒
125660Oracle VM VirtualBox access control [CVE-2018-3298]🔒
125659Oracle VM VirtualBox access control [CVE-2018-2909]🔒
125658Oracle VM VirtualBox access control [CVE-2018-3297]🔒
125657Oracle VM VirtualBox access control [CVE-2018-3296]🔒
125656Oracle VM VirtualBox access control [CVE-2018-3290]🔒
125655Oracle VM VirtualBox access control [CVE-2018-3289]🔒
125654Oracle VM VirtualBox access control [CVE-2018-3288]🔒
125653Oracle VM VirtualBox VRDP access control [CVE-2018-3294]🔒
125652Oracle OSS Support Tools OpenSSL resource consumption [CVE-2018-0739]
125651Oracle Demantra Demand Management Product Security access control
125650Oracle Agile Product Lifecycle Management for Process User Group Management access control
125649Oracle Transportation Management Install access control [CVE-2018-1305]🔒🔒
125648Oracle Agile PLM Folders/Files / Attachments access control [CVE-2018-1305]🔒🔒
125647Oracle Agile Engineering Data Management Install (Apache Tomcat) access control🔒🔒
125646Oracle Agile PLM Application Server improper authorization [CVE-2018-1258]🔒
125645Oracle Solaris Kernel access control [CVE-2018-3270]🔒
125644Oracle Solaris Kernel access control [CVE-2018-2922]🔒
125643Oracle Solaris Verified Boot access control [CVE-2018-3266]🔒
125642Oracle Solaris SMB Server access control [CVE-2018-3269]🔒
125641Oracle Solaris Kernel access control [CVE-2018-3264]🔒
125640Oracle Solaris Zones access control [CVE-2018-3265]🔒
125639Oracle Solaris SMB Server access control [CVE-2018-3268]🔒
125638Oracle Solaris RPC access control [CVE-2018-3172]🔒
125637Oracle Solaris Kernel Zones access control [CVE-2018-3271]🔒
125636Oracle Solaris LFTP access control [CVE-2018-3267]🔒
125635Oracle Solaris Kernel null pointer dereference [CVE-2015-6937]🔒🔒
125634Oracle Solaris Sudo access control [CVE-2018-3263]🔒
125633Oracle Solaris Kernel access control [CVE-2018-3274]🔒
125632Oracle Solaris Kernel Zones Virtualized NIC Driver access control🔒
125631Oracle Solaris LibKMIP access control [CVE-2018-3275]🔒
125630Oracle Solaris Kernel information disclosure [CVE-2016-5244]🔒🔒
125629Oracle Solaris Remote Administration Daemon access control [CVE-2018-3273]🔒
125628Oracle SPARC Enterprise M9000 XCP Firmware integer overflow [CVE-2016-7167]🔒🔒
125627Oracle Fujitsu M10-1 XCP Firmware integer overflow [CVE-2016-7167]🔒🔒
125626Oracle Siebel CRM UI Framework access control [CVE-2018-3059]
125625Oracle Siebel CRM Marketing Apps access control [CVE-2018-1305]🔒🔒
125624Oracle Siebel CRM UI Framework deserialization [CVE-2017-5645]🔒🔒
125623Oracle Retail Order Broker Upgrade Install access control [CVE-2018-1305]🔒🔒
125622Oracle MICROS XBRi Retail access control [CVE-2018-1305]🔒🔒
125621Oracle MICROS Retail-J Back Office access control [CVE-2018-2887]
125620Oracle Retail Xstore Point of Service Xenvironment incomplete blacklist🔒🔒
125619Oracle Retail Xstore Point of Service Xenvironment access control
125618Oracle Retail Open Commerce Platform Integrations access control
125617Oracle Retail Returns Management Apache Batik deserialization🔒🔒
125616Oracle Retail Point-of-Service Apache Batik deserialization [CVE-2018-8013]🔒🔒
125615Oracle Retail Order Broker Upgrade Install deserialization [CVE-2018-8013]🔒🔒
125614Oracle Retail Central Office Apache Batik deserialization [CVE-2018-8013]🔒🔒
125613Oracle Retail Back Office Apache Batik deserialization [CVE-2018-8013]🔒🔒
125612Oracle MICROS Retail-J Internal Operations access control [CVE-2018-2889]
125611Oracle Retail Sales Audit Operational Insights access control
125610Oracle Retail Open Commerce Platform jackson-databind deserialization🔒🔒
125609Oracle Retail Integration Bus RIB Kernal authorization [CVE-2018-1258]🔒
125608Oracle Retail Financial Integration PeopleSoft Integration Bugs authorization🔒
125607Oracle Retail Assortment Planning Application Core authorization🔒
125606Oracle MICROS Lucas Spring Framework authorization [CVE-2018-1258]🔒
125605Oracle Retail Sales Audit Operational Insights deserialization🔒🔒
125604Oracle Retail Predictive Application Server RPAS Fusion Client security check for standard🔒
125603Oracle Retail Order Broker System Administration security check for standard🔒
125602Oracle Retail Order Broker Order Broker Foundation access control🔒
125601Oracle Retail Open Commerce Platform Spring Framework security check for standard🔒
125600Oracle Retail Open Commerce Platform JasperReports access control🔒
125599Oracle Retail Open Commerce Platform Apache Log4j deserialization🔒🔒
125598Oracle Retail Invoice Matching jackson-databind incomplete blacklist🔒🔒
125597Oracle Retail Extract Transform/Load Mathematical Operators deserialization🔒🔒
125596Oracle Retail Customer Management/Segmentation Foundation Internal Operations access control🔒
125595Oracle Retail Assortment Planning Application Core incomplete blacklist🔒🔒
125594Oracle Retail Allocation jackson-databind incomplete blacklist🔒🔒
125593Oracle MICROS Relate CRM Software Web Services access control🔒
125592Oracle PeopleSoft Enterprise PeopleTools Portal access control
125591Oracle PeopleSoft Enterprise PeopleTools Stylesheet access control
125590Oracle PeopleSoft Enterprise PeopleTools Portal access control
125589Oracle PeopleSoft Enterprise PeopleTools Portal access control
125588Oracle PeopleSoft Enterprise PeopleTools Performance Monitor access control
125587Oracle PeopleSoft Enterprise PeopleTools Integration Broker access control
125586Oracle PeopleSoft Enterprise PeopleTools Integration Broker access control
125585Oracle PeopleSoft Enterprise Interaction Hub Application Portal access control
125584Oracle PeopleSoft Enterprise PeopleTools Workflow access control
125583Oracle PeopleSoft Enterprise PeopleTools Rich Text Editor access control
125582Oracle PeopleSoft Enterprise PeopleTools Portal access control
125581Oracle PeopleSoft Enterprise PeopleTools Portal access control
125580Oracle PeopleSoft Enterprise PeopleTools Portal access control
125579Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access control
125578Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access control
125577Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology access control
125576Oracle PeopleSoft Enterprise PeopleTools Fluid Core access control
125575Oracle PeopleSoft Enterprise PeopleTools Elastic Search access control
125574Oracle PeopleSoft Enterprise PeopleTools Activity Guide access control
125573Oracle PeopleSoft Enterprise PeopleTools Activity Guide access control
125572Oracle PeopleSoft Enterprise PeopleTools OpenSSL resource consumption🔒🔒
125571Oracle PeopleSoft Enterprise PeopleTools SQR access control [CVE-2018-3165]
125570Oracle PeopleSoft Enterprise PeopleTools Query access control
125569Oracle PeopleSoft Enterprise PeopleTools Apache HTTP Server use after free🔒🔒🔒
125568Oracle MySQL Server Privileges access control [CVE-2018-3286]🔒
125567Oracle MySQL Server Logging denial of service [CVE-2018-3283]🔒
125566Oracle MySQL Server InnoDB denial of service [CVE-2018-3284]🔒
125565Oracle MySQL Server Windows access control [CVE-2018-3285]🔒
125564Oracle MySQL Server Storage Engines access control [CVE-2018-3282]🔒
125563Oracle MySQL Server Roles access control [CVE-2018-3279]🔒
125562Oracle MySQL Server RBR access control [CVE-2018-3278]🔒
125561Oracle MySQL Server Partition access control [CVE-2018-3161]🔒
125560Oracle MySQL Server Optimizer access control [CVE-2018-3186]🔒
125559Oracle MySQL Server Memcached access control [CVE-2018-3276]🔒
125558Oracle MySQL Server JSON access control [CVE-2018-3280]🔒
125557Oracle MySQL Server Information Schema access control [CVE-2018-3212]🔒
125556Oracle MySQL Server DDL access control [CVE-2018-3170]🔒
125555Oracle MySQL Server InnoDB access control [CVE-2018-3200]🔒
125554Oracle MySQL Server InnoDB access control [CVE-2018-3173]🔒
125553Oracle MySQL Server InnoDB access control [CVE-2018-3162]🔒
125552Oracle MySQL Server InnoDB access control [CVE-2018-3277]🔒
125551Oracle MySQL Server Partition access control [CVE-2018-3171]🔒
125550Oracle MySQL Server Client programs access control [CVE-2018-3174]🔒
125549Oracle MySQL Server Optimizer access control [CVE-2018-3187]🔒
125548Oracle MySQL Server Merge access control [CVE-2018-3247]🔒
125547Oracle MySQL Server DDL access control [CVE-2018-3195]🔒
125546Oracle MySQL Server InnoDB access control [CVE-2018-3185]🔒
125545Oracle MySQL Server Audit access control [CVE-2018-3144]🔒
125544Oracle MySQL Server Parser access control [CVE-2018-3145]🔒
125543Oracle MySQL Server Parser access control [CVE-2018-3133]🔒
125542Oracle MySQL Server Optimizer access control [CVE-2018-3203]🔒
125541Oracle MySQL Server Optimizer access control [CVE-2018-3137]🔒
125540Oracle MySQL Server DML access control [CVE-2018-3182]🔒
125539Oracle MySQL Server InnoDB access control [CVE-2018-3251]🔒
125538Oracle MySQL Server InnoDB access control [CVE-2018-3156]🔒
125537Oracle MySQL Server InnoDB access control [CVE-2018-3143]🔒
125536Oracle MySQL Server Parser access control [CVE-2018-3155]🔒
125535Oracle MySQL Server InnoDB numeric error [CVE-2016-9843]🔒🔒
125534Oracle MySQL Enterprise Monitor Monitoring authorization [CVE-2018-1258]🔒
125533Oracle MySQL Connectors Connector/J access control [CVE-2018-3258]🔒
125532Oracle MySQL Enterprise Monitor Monitoring 7pk security [CVE-2018-8014]🔒🔒
125531Oracle MySQL Enterprise Monitor Monitoring input validation [CVE-2018-11776]🔒🔒
125530Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure resource consumption🔒🔒
125529Oracle JD Edwards EnterpriseOne Tools Monitoring/Diagnostics deserialization🔒🔒
125528Oracle JD Edwards EnterpriseOne Tools Business Logic Inf deserialization🔒🔒
125527Oracle JD Edwards EnterpriseOne Tools Web Runtime incomplete blacklist🔒🔒
125526Oracle JD Edwards EnterpriseOne Tools EnterpriseOne Mobility incomplete blacklist🔒🔒
125525Oracle JD Edwards EnterpriseOne Orchestrator IoT Orchestrator Security incomplete blacklist🔒🔒
125524Oracle Java SE Networking access control [CVE-2018-3139]🔒
125523Oracle Java SE Security access control [CVE-2018-3136]🔒
125522Oracle Java SE Deployment divide by zero [CVE-2018-13785]🔒
125521Oracle Java SE Utility access control [CVE-2018-3150]🔒
125520Oracle Java SE Sound access control [CVE-2018-3157]🔒
125519Oracle Java SE Sound access control [CVE-2018-3214]🔒
125518Oracle Java SE JSSE access control [CVE-2018-3180]🔒
125517Oracle Java SE Serviceability access control [CVE-2018-3211]🔒
125516Oracle Java SE JNDI access control [CVE-2018-3149]🔒
125515Oracle Java SE Hotspot access control [CVE-2018-3169]🔒
125514Oracle Java SE JavaFX access control [CVE-2018-3209]🔒
125513Oracle Java SE Scripting access control [CVE-2018-3183]🔒
125512Oracle Insurance Calculation Engine Architecture deserialization🔒🔒
125511Oracle Insurance Rules Palette security check for standard [CVE-2018-1275]🔒
125510Oracle Insurance Rules Palette deserialization [CVE-2017-5645]🔒🔒
125509Oracle Insurance Calculation Engine security check for standard🔒
125508Oracle Insurance Calculation Engine deserialization [CVE-2017-5645]🔒🔒
125507Oracle iLearning Learner Administration access control [CVE-2018-3146]
125506Oracle Hyperion BI+ access control [CVE-2018-3184]
125505Oracle Hyperion Essbase Administration Services access control
125504Oracle Hyperion Essbase Administration Services access control
125503Oracle Hyperion Common Events access control [CVE-2018-3178]
125502Oracle Hyperion Common Events access control [CVE-2018-3177]
125501Oracle Hyperion Common Events access control [CVE-2018-3176]
125500Oracle Hyperion Common Events access control [CVE-2018-3175]
125499Oracle Hyperion Essbase Administration Services access control
125498Oracle Hyperion Data Relationship Management access control [CVE-2018-3208]
125497Oracle Hospitality Cruise Shipboard Property Management System OHC ENOAD access control
125496Oracle Hospitality Guest Access jQuery cross site scripting [CVE-2015-9251]🔒
125495Oracle Hospitality Cruise Fleet Management Sender/Receiver access control
125494Oracle Hospitality Guest Access Apache Tomcat access control🔒🔒
125493Oracle Hospitality Cruise Fleet Management Emergency Response System access control
125492Oracle Hospitality Cruise Fleet Management Emergency Response System access control
125491Oracle Hospitality Cruise Fleet Management Emergency Response System access control
125490Oracle Hospitality Cruise Shipboard Property Management System OHC Admin/OHC Management access control
125489Oracle Hospitality Guest Access Spring Framework authorization🔒
125488Oracle Healthcare Translational Research Cohort Explorer cross site scripting🔒
125487Oracle WebLogic Server Console information disclosure [CVE-2018-2902]🔒
125486Oracle Outside In Technology Outside In Filters access control
125485Oracle Virtual Directory Virtual Directory Manager access control
125484Oracle WebCenter Portal WebCenter Spaces Application access control
125483Oracle GlassFish Server Java Server Faces access control [CVE-2018-3210]🔒
125482Oracle Endeca Information Discovery Integrator Integrator ETL access control
125481Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3250]🔒
125480Oracle WebCenter Sites Advanced UI cross site scripting [CVE-2015-9251]🔒
125479Oracle Service Bus OSB Core Functionality cross site scripting🔒
125478Oracle Fusion Middleware MapViewer Install cross site scripting
125477Oracle Endeca Information Discovery Studio jQuery cross site scripting🔒
125476Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3248]🔒
125475Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3249]🔒
125474Oracle WebCenter Sites Advanced UI access control [CVE-2018-1305]🔒🔒
125473Oracle Endeca Server Product Code resource consumption [CVE-2018-0739]🔒🔒
125472Oracle WebCenter Sites Advanced UI access control [CVE-2018-3238]
125471Oracle Outside In Technology Outside In Filters memory corruption
125470Oracle Outside In Technology Outside In Filters memory corruption
125469Oracle Outside In Technology Outside In Filters access control
125468Oracle Outside In Technology Outside In Filters access control
125467Oracle Outside In Technology Outside In Filters access control
125466Oracle Outside In Technology Outside In Filters access control
125465Oracle Outside In Technology Outside In Filters access control
125464Oracle Outside In Technology Outside In Filters access control
125463Oracle Outside In Technology Outside In Filters access control
125462Oracle Outside In Technology Outside In Filters access control
125461Oracle Outside In Technology Outside In Filters access control
125460Oracle Outside In Technology Outside In Filters access control
125459Oracle Outside In Technology Outside In Filters access control
125458Oracle Outside In Technology Outside In Filters access control
125457Oracle Outside In Technology Outside In Filters access control
125456Oracle Outside In Technology Outside In Filters access control
125455Oracle Outside In Technology Outside In Filters access control
125454Oracle Outside In Technology Outside In Filters access control
125453Oracle Outside In Technology Outside In Filters access control
125452Oracle Outside In Technology Outside In Filters access control
125451Oracle Outside In Technology Outside In Filters access control
125450Oracle Identity Analytics Core Components access control [CVE-2018-3168]
125449Oracle Identity Manager Advanced Console access control [CVE-2018-3179]🔒
125448Oracle Enterprise Repository Security Subsystem deserialization🔒🔒
125447Oracle Business Intelligence Enterprise Edition Apache Batik deserialization🔒🔒
125446Oracle WebLogic Server Docker Images access control [CVE-2018-3213]🔒
125445Oracle WebLogic Server WLS - Web Services access control [CVE-2018-3246]🔒
125444Oracle Tuxedo Docs-ATMI-IB key management [CVE-2018-0732]🔒
125443Oracle HTTP Server Web Listener memory corruption [CVE-2018-1000300]🔒🔒
125442Oracle GlassFish Server Administration access control [CVE-2018-3152]🔒
125441Oracle Directory Server Enterprise Edition Admin Console use after free🔒🔒
125440Oracle Real-Time Decision Server Platform Installation input validation🔒🔒
125439Oracle Business Intelligence Enterprise Edition Analytics Server access control🔒
125438Oracle Adaptive Access Manager OAAM Server input validation [CVE-2016-1182]🔒🔒
125437Oracle GlassFish Server Java Server Faces access control [CVE-2018-2911]🔒
125436Oracle WebLogic Server Spring Framework authorization [CVE-2018-1258]🔒
125435Oracle Endeca Information Discovery Integrator Spring Framework authorization🔒
125434Oracle WebLogic Server WLS Core Components access control [CVE-2018-3252]🔒
125433Oracle WebLogic Server WLS Core Components access control [CVE-2018-3245]🔒
125432Oracle WebLogic Server WLS Core Components access control [CVE-2018-3201]🔒
125431Oracle WebLogic Server WLS Core Components access control [CVE-2018-3197]🔒
125430Oracle WebLogic Server WLS Core Components access control [CVE-2018-3191]🔒
125429Oracle Identity Manager Installer deserialization [CVE-2017-15095]🔒🔒
125428Oracle Identity Management Suite Apache Log4j deserialization🔒🔒
125427Oracle Identity Analytics Apache Log4j deserialization [CVE-2017-5645]🔒🔒
125426Oracle GoldenGate for Big Data Spring Framework security check for standard🔒
125425Oracle Big Data Discovery Spring Framework security check for standard🔒
125424Oracle API Gateway Apache Log4j deserialization [CVE-2017-5645]🔒🔒
125423Oracle BI Publisher Apache Log4j deserialization [CVE-2017-5645]🔒🔒
125422Oracle MICROS PC Workstation 2015 BIOS information disclosure🔒🔒🔒
125421Oracle Hospitality Materials Control MobileAuthWebService cross site scripting🔒
125420Oracle Hospitality Gift/Loyalty Report access control [CVE-2018-3131]
125419Oracle Hospitality Reporting/Analytics Report access control
125418Oracle Banking Platform jQuery cross site scripting [CVE-2015-9251]🔒
125417Oracle Banking Platform jackson-databind deserialization [CVE-2018-12023]🔒
125416Oracle Enterprise Manager Base Platform Discovery Framework resource consumption🔒🔒
125415Oracle Enterprise Manager for MySQL Database EM Plugin authorization🔒
125414Oracle Configuration Manager Collector of Config/Diag deserialization🔒🔒
125413Oracle Enterprise Manager Ops Center Jython deserialization [CVE-2016-4000]🔒🔒
125412Oracle E-Business Suite Oracle Applications Framework access control🔒
125411Oracle E-Business Suite Oracle Email Center access control [CVE-2018-3256]🔒
125410Oracle E-Business Suite Oracle Applications Manager information disclosure🔒
125409Oracle E-Business Suite Oracle Application Object Library access control🔒
125408Oracle E-Business Suite access control [CVE-2018-3167]🔒
125407Oracle E-Business Suite Oracle User Management access control🔒
125406Oracle E-Business Suite Oracle iProcurement access control [CVE-2018-3151]🔒
125405Oracle E-Business Suite Oracle Trade Management access control🔒
125404Oracle E-Business Suite Oracle Partner Management access control🔒
125403Oracle E-Business Suite Oracle Marketing access control [CVE-2018-3242]🔒
125402Oracle E-Business Suite Oracle iStore access control [CVE-2018-3188]🔒
125401Oracle E-Business Suite Oracle E-Business Intelligence access control🔒
125400Oracle E-Business Suite Oracle Customer Interaction History access control🔒
125399Oracle E-Business Suite Oracle Applications Manager access control🔒
125398Oracle E-Business Suite Oracle Applications Framework access control🔒
125397Oracle E-Business Suite Oracle Application Object Library access control🔒
125396Oracle Construction/Engineering Suite input validation [CVE-2018-11039]🔒
125395Oracle Construction/Engineering Suite Primavera Unifier access control🔒
125394Oracle Construction/Engineering Suite access control [CVE-2018-3281]🔒
125393Oracle Construction/Engineering Suite access control [CVE-2018-3241]🔒
125392Oracle Construction/Engineering Suite Primavera Gateway cross site scripting🔒
125391Oracle Construction/Engineering Suite Instantis EnterpriseTrack access control🔒🔒
125390Oracle Construction/Engineering Suite Instantis EnterpriseTrack deserialization🔒🔒
125389Oracle Construction/Engineering Suite Primavera Unifier deserialization🔒
125388Oracle Construction/Engineering Suite Primavera Gateway incomplete blacklist🔒🔒
125387Oracle Construction/Engineering Suite Primavera Gateway security check for standard🔒
125386Oracle Communications Performance Intelligence Center (PIC) Software resteasy-jaxrs xml external entity reference
125385Oracle Communications Performance Intelligence Center (PIC) Software OpenSSL information disclosure
125384Oracle Communications Application Session Controller OpenSSL cryptographic issues🔒🔒
125383Oracle Communications Performance Intelligence Center (PIC) Software Apache Trinidad deserialization🔒
125382Oracle Communications Performance Intelligence Center (PIC) Software Objective System ASN1C integer overflow
125381Oracle Communications MetaSolv Solution Print Preview deserialization🔒🔒
125380Oracle Communications Instant Messaging Server jackson-databind deserialization
125379Oracle Communications Performance Intelligence Center (PIC) Software Apache Struts 1 input validation🔒🔒
125378Oracle Communications Performance Intelligence Center (PIC) Software Spring Framework Remote Privilege Escalation🔒
125377Oracle Communications Performance Intelligence Center (PIC) Software Apache Commons Collections deserialization
125376Oracle Communications Application Session Controller Apache Commons Collections deserialization
125375Oracle Communications User Data Repository Apache Xerces memory corruption🔒🔒
125374Oracle Communications Messaging Server Convergence deserialization🔒🔒
125373Oracle Communications Application Session Controller Glibc Ghost memory corruption
125372Oracle GoldenGate Manager null pointer dereference [CVE-2018-2914]
125371Oracle GoldenGate Manager null pointer dereference [CVE-2018-2912]
125370Oracle GoldenGate Monitoring Manager memory corruption [CVE-2018-2913]
125369Oracle Big Data Graph Spatial deserialization [CVE-2016-6814]🔒🔒
125368Oracle Database Server Rapid Home Provisioning incomplete blacklist🔒🔒
125367Oracle Database Server Oracle Text access control [CVE-2018-3299]🔒
125366Oracle Database Server Java VM access control [CVE-2018-3259]🔒
125365libssh SSH2_MSG_USERAUTH_SUCCESS Message improper authentication🔒🔒
125364VMware ESXi/Workstation/Fusion SVGA out-of-bounds read [CVE-2018-6974]🔒
125363Neo4j Enterprise Database Server LDAP improper authentication
125362Asciidoctor resource management [CVE-2018-18385]
125361Info-ZIP UnZIP ZIP Archive list.c memory corruption
125360BigTree CMS Image Upload Stored cross site scripting
125359AlchemyCMS Image Field pictures Stored cross site scripting
125358IBM WebSphere Application Server Web UI cross site scripting
125357Pydio Web Application command injection [CVE-2018-14772]
125356Atlassian FishEye/Crucible Windows Installer permission [CVE-2018-13399]
125355Amazon Kindle Fire HD Kernel twl6030-gpadc.c argument injection
125354Amazon Kindle Fire HD Kernel gcif.c argument injection
125353Amazon Kindle Fire HD Kernel gcif.c argument injection
125352Amazon Kindle Fire HD Kernel gcif.c argument injection
125351Amazon Kindle Fire HD Kernel device.c argument injection
125350Amazon Kindle Fire HD Kernel rpmsg_omx.c argument injection
125349Amazon Kindle Fire HD Kernel gcif.c argument injection
125348QEMU NE2000 NIC Emulation integer overflow [CVE-2018-10839]🔒
125347Advanced HRM Picture input validation [CVE-2018-18382]
125346Z-BlogPHP Image Attachment c_system_admin.php Stored cross site scripting
125345Orange AirBox setReset 7pk security
125344Orange AirBox getWlanClientInfo information disclosure
125343Orange AirBox APN Data getProfileList credentials management
125342MetInfo index.php cross site scripting
125341nc-cms cross site scripting [CVE-2018-18361]
125340Camaleo CMS User Settings Stored cross site scripting
125339LUYA CMS create-page Stored cross site scripting
125338Artifex Ghostscript Sandbox Protection Mechanism information disclosure🔒
125337NoMachine wintab32.dll untrusted search path [CVE-2018-17980]
125336Artifex Ghostscript Sandbox Protection Mechanism access control🔒
125335Teltonika RUT9XX Serial Interface access control [CVE-2018-17534]
125334Teltonika RUT9XX hotspotlogin.cgi cross site scripting
125333Teltonika RUT9XX autologin.cgi os command injection
125332IBM Security Key Lifecycle Manager XML Data xml external entity reference
125331IBM Security Key Lifecycle Manager path traversal [CVE-2018-1744]
125330Ivanti Workspace Control DataStore cryptographic issues [CVE-2018-15593]
125329Ivanti Workspace Control access control [CVE-2018-15592]
125328Ivanti Workspace Control Application Whitelisting access control
125327Ivanti Workspace Control 7pk security [CVE-2018-15590]
125326Agentejo Cockpit api path traversal
125325Agentejo Cockpit cross-site request forgery [CVE-2018-15539]
125324Agentejo Cockpit cross site scripting [CVE-2018-15538]
125323Cisco ClamAV MEW Unpacker mew.c unmew11 Memory out-of-bounds read🔒
125322Intel Graphics Drivers Unified Shader Compiler access control
125321MoinMoin GUI Editor cross site scripting [CVE-2017-5934]🔒
125320CentOS Web Panel CentOS-WebPanel.com cross site scripting
125319CentOS Web Panel index.php path traversal
125318CentOS Web Panel CentOS-WebPanel.com command injection
125317Merlin.PHP exec.php input validation
125316Merlin.PHP input validation [CVE-2018-18319]
125315Qiku 360 Phone N6 Pro Kernel Module mmcblk0rpmb null pointer dereference
125314DESHANG DSCMS add.html cross-site request forgery
125313emlog cross-site request forgery [CVE-2018-18316]
125312lemon CdnController.java copyMultipartFileToFile unrestricted upload
125311elfutils libdwfl dwfl_segment_report_module.c memory corruption🔒
125310GNU binutils libbfd reloc.c memory corruption
125309MetInfo index.php cross site scripting
125308Asus RT-AC58U Advanced_ASUSDDNS_Content.asp cross site scripting
125307nc-cms HTML Source Editor cross site scripting [CVE-2018-18290]
125306Mesliat Zabbix Plugin information disclosure [CVE-2018-18289]
125305Asus RT-AC58U HTML Source Code Main_Login.asp information disclosure
125304Next.js Error Page _error cross site scripting
125303pdfalto XmlAltoOutputDev.cc addAttributsNode memory corruption
125302CMS Made Simple Article moduleinterface.php cross site scripting
125301CMS Made Simple Article moduleinterface.php cross site scripting
125300WAGO 750-881 SNMP Configuration snmp.ssi cross site scripting
125299Adobe Acrobat Reader out-of-bounds write [CVE-2018-15938]🔒
125298Adobe Acrobat Reader out-of-bounds write [CVE-2018-15936]🔒
125297Adobe Acrobat Reader out-of-bounds write [CVE-2018-15935]🔒
125296Adobe Acrobat Reader out-of-bounds write [CVE-2018-15934]🔒
125295Adobe Acrobat Reader out-of-bounds write [CVE-2018-15933]🔒
125294Adobe Acrobat Reader out-of-bounds write [CVE-2018-15929]🔒
125293Adobe Acrobat Reader out-of-bounds write [CVE-2018-15928]🔒
125292Cloud Foundry CF Networking Release API Endpoint sql injection
125291Foreman Breadcrumbs Bar Stored cross site scripting
125290Adobe Acrobat Reader out-of-bounds write [CVE-2018-12868]🔒
125289Adobe Acrobat Reader out-of-bounds write [CVE-2018-12865]🔒
125288Adobe Acrobat Reader out-of-bounds write [CVE-2018-12864]🔒
125287Adobe Acrobat Reader out-of-bounds write [CVE-2018-12862]🔒
125286Palo Alto PAN-OS GlobalProtect Portal cross site scripting [CVE-2018-10141]
125285BlackBerry Management Console UEM information disclosure [CVE-2018-8890]
125284Yokogawa STARDOM Controllers Session Management session fixiation
125283Yokogawa STARDOM Controllers Web Application Credentials credentials management
125282Yokogawa STARDOM Controller resource consumption [CVE-2018-17898]
125281Yokogawa STARDOM Controller hard-coded credentials [CVE-2018-17896]
125280NUUO CMS hard-coded credentials [CVE-2018-17894]
125279NUUO CMS User Account Control access control [CVE-2018-17892]
125278NUUO CMS Remote Code Execution [CVE-2018-17890]
125277NUUO CMS Session random values [CVE-2018-17888]
125276Micro Focus Enterprise Developer/Enterprise Server HTTP Request Parameter null pointer dereference
125275IBM FileNet Content Manager XML Data xml external entity reference
125274IBM WebSphere Application Server path traversal [CVE-2018-1770]🔒
125273IBM Rational Publishing Engine Web UI cross site scripting [CVE-2018-1534]
125272IBM Rational Publishing Engine Web UI cross site scripting [CVE-2018-1533]
125271IBM WebSphere Application Server IBM Cloud Password information disclosure
125270Wireshark MS-WSP Protocol Dissector packet-mswsp.c null pointer dereference🔒
125269Wireshark Steam IHS Discovery Dissector packet-steam-ihs-discovery.c resource management🔒
125268Wireshark CoAP Dissector packet-coap.c input validation🔒
125267IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1673]
125266IBM BigFix Platform Credential Storage credentials management
125265Blueimp jQuery-File-Upload File Upload unrestricted upload [CVE-2018-9206]🔒🔒
125264BageCMS code injection [CVE-2018-18258]
125263BageCMS path traversal [CVE-2018-18257]
125262youke365 login.html sql injection
125261Pippo XstreamEngine input validation [CVE-2018-18240]
125260youke365 user.html cross-site request forgery
125259Delta Industrial Automation TPEditor Project File memory corruption
125258Delta Industrial Automation TPEditor Project File out-of-bounds write
125257IBM Security Key Lifecycle Manager SKLM Server improper authentication
125256IBM Security Key Lifecycle Manager Authentication Mechanism improper authentication
125255IBM Spectrum LSF File Permission access control [CVE-2018-1724]
125254IBM Spectrum Symphony Web UI information disclosure [CVE-2018-1708]
125253IBM Spectrum Symphony Web UI cross site scripting [CVE-2018-1706]
125252Dell Encryption/Endpoint Security Suite Enterprise Group Policy 7pk security
125251Whale Browser Installer untrusted search path [CVE-2018-12449]
125250Corsair Utility Engine CorsairService permission [CVE-2018-12441]
125249Microsoft .NET Core information disclosure [CVE-2018-8292]🔒
125248Apache ActiveMQ Web-based Administration Console queue.jsp cross site scripting🔒
125247PbootCMS sql injection [CVE-2018-18211]
125246DiliCMS cross site scripting [CVE-2018-18210]
125245DiliCMS cross site scripting [CVE-2018-18209]
125244Virtualmin webmin_search.cgi cross site scripting
125243Virtualmin settings-editor_read.cgi Frame injection
125242Responsive FileManager dialog.php Reflected cross site scripting
125241Responsive FileManager Interface dialog.php improper authentication
125240Gigasoft GE iFIX 7pk security [CVE-2018-17925]
125239Hangzhou Xiongmai XMeye P2P Cloud Server hard-coded credentials
125238Hangzhou Xiongmai XMeye P2P Cloud Server MAC Address information disclosure
125237Hangzhou Xiongmai XMeye P2P Cloud Server cryptographic issues
125236SugarCRM Community Edition YUI/FlashCanvas cross site scripting
125235Intelbras NPLUG SSID cross site scripting [CVE-2018-17337]
125234tinc VPN Packet cryptographic issues [CVE-2018-16758]🔒
125233tinc Authentication Protocol improper authentication [CVE-2018-16738]🔒
125232tinc Authentication Protocol improper authentication [CVE-2018-16737]🔒
125231F5 BIG-IP LRO resource management [CVE-2018-15311]🔒
125230Siemens SIMATIC ET/SIMATIC S7-1500/SIMATIC S7-1500 Network Stack resource consumption
125229Siemens ROX II SSH Interface command injection [CVE-2018-13802]
125228Siemens ROX II Service Port 22 access control [CVE-2018-13801]
125227Siemens SIMATIC S7-1200 Web Interface cross-site request forgery
125226Descor Infocad FM Web Service 7pk security [CVE-2018-13789]
125225EPiServer Ektron CMS activateuser.aspx access control
125224Eclipse Vert.x OpenAPI XML Parser xml external entity reference
125223Eclipse Vert.x StaticHandler path traversal
125222Eclipse Vert.x memory corruption [CVE-2018-12541]
125221Intelbras NPLUG Web Interface cross-site request forgery [CVE-2018-12456]
125220Intelbras NPLUG Web Interface improper authentication [CVE-2018-12455]
125219TIBCO Spotfire Statistics Services Web Server privileges management
125218Intel QuickAssist Technology for Linux Access Control information disclosure
125217Intel Server Board/Server System/Compute Module Access Protection access control
125216Intel S7200AP/S7200APR/HNS7200AP/HNS7200AP Password Hashing credentials management
125215Intel Rapid Web Server information disclosure [CVE-2018-12161]
125214Intel NUC FW Kit BIOS Update Utility input validation [CVE-2018-12158]
125213Intel Graphics Drivers Unified Shader Compiler input validation
125212Intel Graphics Drivers Unified Shader Compile memory corruption
125211Intel NVMe/RSTe Driver Pack Installer access control [CVE-2018-12131]
125210Juniper Junos Management Interface resource consumption [CVE-2018-0063]
125209Juniper Junos J-Web Service input validation [CVE-2018-0062]
125208Juniper Junos resource consumption [CVE-2018-0061]
125207Juniper Junos dcd input validation [CVE-2018-0060]
125206Juniper ScreenOS Graphical User Interface Persistent cross site scripting🔒
125205Juniper Junos IPv6 Exception Packet input validation [CVE-2018-0058]
125204Juniper Junos BBE input validation [CVE-2018-0057]
125203Juniper Junos L2ALD input validation [CVE-2018-0056]
125202Juniper Junos DHCP Service input validation [CVE-2018-0055]
125201Juniper Junos Management Interface resource consumption [CVE-2018-0054]
125200Juniper Junos Boot Sequence improper authentication [CVE-2018-0053]
125199Juniper Junos RSH Service improper authentication [CVE-2018-0052]
125198Juniper Junos SIP Application Layer Gateway input validation
125197Juniper Junos RPD input validation [CVE-2018-0050]
125196Juniper Junos Kernel null pointer dereference [CVE-2018-0049]
125195Juniper Junos RPD resource consumption [CVE-2018-0048]🔒
125194Juniper Junos Space Security Director UI Framework Persistent cross site scripting
125193Juniper Junos Space OpenNMS Reflected cross site scripting
125192Juniper Junos RPD input validation [CVE-2018-0045]
125191Juniper Junos JDM improper authentication [CVE-2018-0044]
125190Juniper Junos RPD input validation [CVE-2018-0043]🔒
125189Facebook WhatsApp Messenger RTP Packet heap-based overflow
125188Huawei MyCloud APP Factory Reset Protection access control [CVE-2018-7928]
125187EpiCentro Login Form login code injection
125186EpiCentro httpd memory corruption [CVE-2018-7632]
125185EpiCentro httpd memory corruption [CVE-2018-7631]
125184VMware ESXi/Workstation/Fusion 3d Rendering Shader resource consumption
125183Kubernetes apiserver access control [CVE-2018-2475]
125182SAP Fiori cross-site request forgery [CVE-2018-2474]
125181SAP Business Intelligence Web Intelligence DHTML Client cross site scripting
125180SAP Business Intelligence information disclosure [CVE-2018-2471]
125179SAP NetWeaver Application Server for ABAP cross site scripting
125178SAP Adaptive Server Enterprise information disclosure [CVE-2018-2469]
125177SAP Adaptive Server Enterprise Backup Server information disclosure
125176SAP BusinessObjects BI Platform Servers SDK Path information disclosure
125175SAP Data Services Management Console cross site scripting [CVE-2018-2466]
125174Bytom net.go checkTopicRegister integer overflow
125173QLogic 4Gb Fibre Channel/4-8Gb SAN credentials management [CVE-2018-18202]
125172qibosoft cross-site request forgery [CVE-2018-18201]
125171Redaxo Benutzerverwaltung sql injection [CVE-2018-18200]
125170Redaxo Mediamanager cross site scripting [CVE-2018-18199]
125169Redaxo index.php cross site scripting
125168libgig DLS.cpp Sampler memory corruption
125167libgig RIFF.cpp GetListTypeString out-of-bounds read
125166libgig DLS.cpp Sample divide by zero
125165libgig DLS.cpp GetSample out-of-bounds read
125164libgig DLS.cpp File memory corruption
125163libgig DLS.cpp GetFirstSample out-of-bounds read
125162dayrui FineCMS cross-site request forgery [CVE-2018-18191]
125161GoPro gpmf-parser GPMF_parser.c GPMF_ScaledData divide by zero
125160OpenJPEG convert.c imagetopnm null pointer dereference🔒
125159Bixie Portfolio Plugin ${project_title} cross site scripting
125158EmpireCMS File Upload moddofun.php LoadInMod unrestricted upload
125157DuomiCMS ajax.php sql injection
125156DuomiCMS search.php code injection
125155Waimai Super CMS cross site scripting [CVE-2018-18082]
125154Wikidforum rpc.php sql injection
125153Requests Package credentials management [CVE-2018-18074]🔒
125152Navigate CMS navigate.php Stored cross site scripting
125151QEMU net.c qemu_deliver_packet_iov integer overflow🔒
125150QEMU pcnet.c pcnet_receive memory corruption🔒
125149QEMU rtl8139.c rtl8139_do_receive integer overflow🔒
125148Ultimate Member - User Profile / Membership Plugin um-actions-login.php cross site scripting
125147Joomla CMS com_contact 7pk security [CVE-2018-17859]🔒
125146Joomla CMS com_installer cross-site request forgery [CVE-2018-17858]🔒
125145Joomla CMS Tags Search access control [CVE-2018-17857]🔒
125144Joomla CMS com_joomlaupdate input validation [CVE-2018-17856]🔒
125143Joomla CMS Registration access control [CVE-2018-17855]🔒
125142Telegram Messenger Biometric Validation keyGenerator improper authentication [Disputed]
125141Telegram Messenger improper authentication [CVE-2018-15542] [Disputed]
125140Red Hat Ceph Storage ceph-isci-cli rbd-target-api privileges management🔒
125139D-Link DIR-809 A1/DIR-809 A2/Guest Zone credentials management
125138D-Link DIR-809 A1/DIR-809 A2/Guest Zone improper authentication
125137openSUSE Open Build Service Request ID input validation [CVE-2018-12479]
125136openSUSE Open Build Service input validation [CVE-2018-12478]
125135openSUSE Open Build Service crlf injection [CVE-2018-12477]
125134openSUSE Open Build Service obs-service-tar_scm input validation
125133Apache Tika XML Parser reset xml external entity reference
125132LeviStudioU Project XML File xml external entity reference [CVE-2018-10614]
125131LeviStudioU Project File out-of-bounds write [CVE-2018-10610]
125130Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
125129Microsoft SQL Server Management Studio XML Content xml external entity reference🔒
125128Microsoft Exchange Server MFC Library Loader untrusted search path🔒🔒
125127Microsoft SQL Server Management Studio XMLA File xml external entity reference🔒
125126Microsoft Azure IoT Edge/Hub Device Client SDK for Azure IoT MQTT Object memory corruption
125125Microsoft Edge Security Feature 7pk security [CVE-2018-8530]🔒
125124Microsoft SQL Server Management Studio XEL File xml external entity reference🔒
125123Microsoft Windows Codecs Library information disclosure [CVE-2018-8506]🔒
125122Microsoft Windows TCP/IP information disclosure [CVE-2018-8493]🔒
125121Microsoft Windows DirectX information disclosure [CVE-2018-8486]🔒
125120Microsoft Windows Windows Media Player information disclosure🔒
125119Microsoft Windows Windows Media Player information disclosure🔒
125118Microsoft Windows GDI information disclosure [CVE-2018-8472]🔒
125117Microsoft Windows Kernel information disclosure [CVE-2018-8330]🔒
125116Microsoft Exchange Server access control [CVE-2018-8265]🔒
125115Microsoft Windows Theme API input validation [CVE-2018-8413]🔒
125114Microsoft Windows Windows Shell input validation [CVE-2018-8495]🔒🔒
125113Microsoft Windows Kernel access control [CVE-2018-8497]🔒
125112Microsoft Windows Subsystem for Linux access control [CVE-2018-8329]🔒
125111Microsoft Windows Device Guard Code Integrity Policy 7pk security🔒
125110Microsoft Windows DNS Global Blocklist 7pk security [CVE-2018-8320]🔒
125109Microsoft Windows NTFS access control [CVE-2018-8411]🔒
125108Microsoft Windows Filter Manager access control [CVE-2018-8333]🔒
125107Microsoft SharePoint Enterprise Server access control [CVE-2018-8498]🔒
125106Microsoft SharePoint Enterprise Server cross site scripting [CVE-2018-8488]🔒
125105Microsoft SharePoint Enterprise Server access control [CVE-2018-8518]🔒
125104Microsoft SharePoint Enterprise Server access control [CVE-2018-8480]🔒
125103Microsoft Windows Graphics Component information disclosure [CVE-2018-8427]🔒
125102Microsoft Office/Word Protected View data processing [CVE-2018-8504]🔒
125101Microsoft Windows Graphics Component memory corruption [CVE-2018-8432]🔒
125100Microsoft Office/PowerPoint Protected View data processing [CVE-2018-8501]🔒
125099Microsoft Office/Excel Protected View data processing [CVE-2018-8502]🔒
125098Microsoft Windows JET Database Engine input validation [CVE-2018-8423]🔒
125097Microsoft Windows DirectX Graphics access control [CVE-2018-8484]🔒
125096Microsoft Windows Win32k access control [CVE-2018-8453]🔒
125095Microsoft Exchange Server Outlook Web Access access control [CVE-2018-8448]🔒
125094Microsoft Edge Security Feature input validation [CVE-2018-8512]🔒
125093Microsoft Windows Hyper-V input validation [CVE-2018-8489]🔒
125092Microsoft Windows Hyper-V input validation [CVE-2018-8490]🔒
125091Microsoft Windows MS XML xml external entity reference [CVE-2018-8494]🔒
125090Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
125089Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
125088Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
125087Microsoft ChakraCore Scripting Engine memory corruption [CVE-2018-8500]
125086Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
125085Microsoft Edge/ChakraCore memory corruption [CVE-2018-8473]🔒
125084Microsoft Edge memory corruption [CVE-2018-8509]🔒
125083Microsoft Internet Explorer memory corruption [CVE-2018-8460]🔒🔒
125082Microsoft Internet Explorer memory corruption [CVE-2018-8491]🔒
125081Daimler Mercedes Me App Certificate Pinning information disclosure
125080Daimler Mercedes Comand Navigation Route Calculation data processing [Disputed]
125079Auto-Maskin DCU 210E/RP-210E/Marine Pro Observer Embedded Web Server cryptographic issues
125078Auto-Maskin DCU 210E/RP-210E/Marine Pro Observer Android App information disclosure
125077Auto-Maskin DCU-210E RP-210E Modbus Communication origin validation
125076Auto-Maskin DCU 210E Dropbear SSH Server hard-coded credentials
125075Foxit PDF Reader Javascript Engine use after free [CVE-2018-3997]🔒
125074Foxit PDF Reader Javascript Engine use after free [CVE-2018-3996]🔒
125073Foxit PDF Reader Javascript Engine use after free [CVE-2018-3992]🔒
125072Foxit PDF Reader Javascript Engine use after free [CVE-2018-3945]🔒
125071Foxit PDF Reader Javascript Engine use after free [CVE-2018-3942]🔒
125070Foxit PDF Reader Javascript Engine use after free [CVE-2018-3941]🔒
125069Foxit PDF Reader Javascript Engine use after free [CVE-2018-3940]🔒
125068WPML Plugin process_forms theme-localization.php cross site scripting
125067net-snmp snmp_api.c null pointer dereference [CVE-2018-18066]
125066net-snmp table_container.c _set_key null pointer dereference🔒
125065Cairo WebKitGTK+ cairo-rectangular-scan-converter.c _cairo_image_spans_and_zero memory corruption
125064Linux Kernel resource consumption [CVE-2018-17977]
125063WECON Technology PI Studio HMI/PI Studio Object File Parser xml external entity reference
125062Seqrite End Point Security access control [CVE-2018-17775]
125061IBM Tivoli Key Lifecycle Manager Error Message information disclosure
125060IBM Security Key Lifecycle Manager Permission permission [CVE-2018-1750]
125059IBM Tivoli Key Lifecycle Manager Blacklist input validation [CVE-2018-1749]
125058D-Link Central WiFi Manager Stored cross site scripting [CVE-2018-17443]
125057D-Link Central WiFi Manager File Upload unrestricted upload [CVE-2018-17442]
125056D-Link Central WiFi Manager Stored cross site scripting [CVE-2018-17441]
125055D-Link Central WiFi Manager FTP Server unrestricted upload [CVE-2018-17440]
125054IBM Tivoli Key Lifecycle Manager information disclosure [CVE-2018-1743]
125053IBM Tivoli Key Lifecycle Manager hard-coded credentials [CVE-2018-1742]
125052IBM Tivoli Key Lifecycle Manager input validation [CVE-2018-1741]
125051Telerik Extensions for ASP.NET MVC access control [CVE-2018-17060]
125050Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16297]🔒
125049Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16296]🔒
125048Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16295]🔒
125047Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16294]🔒
125046Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16293]🔒
125045Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16292]🔒
125044Foxit Reader/PhantomPDF Javascript Engine use after free [CVE-2018-16291]🔒
125043Discuss Module Stored cross site scripting [CVE-2018-15903]
125042WECON Technology PI Studio HMI/PI Studio memory corruption [CVE-2018-14818]
125041WECON Technology PI Studio HMI/PI Studio out-of-bounds write
125040Linux Kernel show_opcodes Kernel Memory input validation
125039Rust Programming Language Standard Library repeat integer overflow🔒
125038privacyIDEA check input validation
125037pyOpenSSL PKCS #12 Store denial of service [CVE-2018-1000808]🔒
125036pyOpenSSL X.509 Object use after free [CVE-2018-1000807]🔒
125035Paramiko SSH Server access control [CVE-2018-1000805]🔒
125034Contiki-NG AQL Database Engine memory corruption [CVE-2018-1000804]
125033Gitea information disclosure [CVE-2018-1000803]
125032F5 BIG-IP Traffic Management Microkernel input validation [CVE-2016-7475]🔒🔒
125031Adobe Acrobat Reader access control [CVE-2018-15966]🔒
125030Adobe Acrobat Reader null pointer dereference [CVE-2018-15937]🔒
125029Adobe Acrobat Reader null pointer dereference [CVE-2018-15931]🔒
125028Adobe Acrobat Reader null pointer dereference [CVE-2018-15930]🔒
125027Adobe Acrobat Reader memory corruption [CVE-2018-15951]🔒
125026Adobe Acrobat Reader memory corruption [CVE-2018-12855]🔒
125025Adobe Acrobat Reader memory corruption [CVE-2018-12853]🔒
125024Adobe Acrobat Reader integer overflow [CVE-2018-12881]🔒
125023Adobe Acrobat Reader integer overflow [CVE-2018-12842]🔒
125022Adobe Acrobat Reader double free [CVE-2018-12841]🔒
125021Adobe Acrobat Reader memory corruption [CVE-2018-12838]🔒
125020Adobe Acrobat Reader type conversion [CVE-2018-12876]🔒
125019Adobe Acrobat Reader type conversion [CVE-2018-12858]🔒
125018Adobe Acrobat Reader type conversion [CVE-2018-12835]🔒
125017Adobe Acrobat Reader use after free [CVE-2018-15924]🔒
125016Adobe Acrobat Reader use after free [CVE-2018-15920]🔒
125015Adobe Acrobat Reader use after free [CVE-2018-12877]🔒
125014Adobe Acrobat Reader use after free [CVE-2018-12863]🔒
125013Adobe Acrobat Reader use after free [CVE-2018-12852]🔒
125012Adobe Acrobat Reader use after free [CVE-2018-12831]🔒
125011Adobe Acrobat Reader use after free [CVE-2018-12769]🔒
125010Adobe Acrobat Reader memory corruption [CVE-2018-12851]🔒
125009Adobe Acrobat Reader memory corruption [CVE-2018-12847]🔒
125008Adobe Acrobat Reader memory corruption [CVE-2018-12846]🔒
125007Adobe Acrobat Reader memory corruption [CVE-2018-12837]🔒
125006Adobe Acrobat Reader memory corruption [CVE-2018-12836]🔒
125005Adobe Acrobat Reader memory corruption [CVE-2018-12833]🔒
125004Adobe Acrobat Reader memory corruption [CVE-2018-12832]🔒
125003Adobe Acrobat Reader out-of-bounds read [CVE-2018-15956]🔒
125002Adobe Acrobat Reader out-of-bounds read [CVE-2018-15953]🔒
125001Adobe Acrobat Reader out-of-bounds read [CVE-2018-15950]🔒
125000Adobe Acrobat Reader out-of-bounds read [CVE-2018-15949]🔒
124999Adobe Acrobat Reader out-of-bounds read [CVE-2018-15948]🔒
124998Adobe Acrobat Reader out-of-bounds read [CVE-2018-15947]🔒
124997Adobe Acrobat Reader out-of-bounds read [CVE-2018-15946]🔒
124996Adobe Acrobat Reader out-of-bounds read [CVE-2018-15943]🔒
124995Adobe Acrobat Reader out-of-bounds read [CVE-2018-15942]🔒
124994Adobe Acrobat Reader out-of-bounds read [CVE-2018-15932]🔒
124993Adobe Acrobat Reader out-of-bounds read [CVE-2018-15927]🔒
124992Adobe Acrobat Reader out-of-bounds read [CVE-2018-15926]🔒
124991Adobe Acrobat Reader out-of-bounds read [CVE-2018-15925]🔒
124990Adobe Acrobat Reader out-of-bounds read [CVE-2018-15923]🔒
124989Adobe Acrobat Reader out-of-bounds read [CVE-2018-15922]🔒
124988Adobe Acrobat Reader out-of-bounds read [CVE-2018-12880]🔒
124987Adobe Acrobat Reader out-of-bounds read [CVE-2018-12879]🔒
124986Adobe Acrobat Reader out-of-bounds read [CVE-2018-12878]🔒
124985Adobe Acrobat Reader out-of-bounds read [CVE-2018-12875]🔒
124984Adobe Acrobat Reader out-of-bounds read [CVE-2018-12874]🔒
124983Adobe Acrobat Reader out-of-bounds read [CVE-2018-12873]🔒
124982Adobe Acrobat Reader out-of-bounds read [CVE-2018-12872]🔒
124981Adobe Acrobat Reader out-of-bounds read [CVE-2018-12871]🔒
124980Adobe Acrobat Reader out-of-bounds read [CVE-2018-12870]🔒
124979Adobe Acrobat Reader out-of-bounds read [CVE-2018-12869]🔒
124978Adobe Acrobat Reader out-of-bounds read [CVE-2018-12867]🔒
124977Adobe Acrobat Reader out-of-bounds read [CVE-2018-12866]🔒
124976Adobe Acrobat Reader out-of-bounds read [CVE-2018-12859]🔒
124975Adobe Acrobat Reader out-of-bounds read [CVE-2018-12857]🔒
124974Adobe Acrobat Reader out-of-bounds read [CVE-2018-12856]🔒
124973Adobe Acrobat Reader out-of-bounds read [CVE-2018-12845]🔒
124972Adobe Acrobat Reader out-of-bounds read [CVE-2018-12844]🔒
124971Adobe Acrobat Reader out-of-bounds read [CVE-2018-12843]🔒
124970Adobe Acrobat Reader out-of-bounds read [CVE-2018-12839]🔒
124969Adobe Acrobat Reader out-of-bounds read [CVE-2018-12834]🔒
124968Adobe Acrobat Reader out-of-bounds read [CVE-2018-15968]🔒
124967Adobe Acrobat Reader out-of-bounds write [CVE-2018-15955]🔒
124966Adobe Acrobat Reader out-of-bounds write [CVE-2018-15954]🔒
124965Adobe Acrobat Reader out-of-bounds write [CVE-2018-15952]🔒
124964Adobe Acrobat Reader out-of-bounds write [CVE-2018-15945]🔒
124963Adobe Acrobat Reader out-of-bounds write [CVE-2018-15944]🔒
124962Adobe Acrobat Reader out-of-bounds write [CVE-2018-15941]🔒
124961Adobe Acrobat Reader out-of-bounds write [CVE-2018-15940]🔒
124960Adobe Acrobat Reader out-of-bounds write [CVE-2018-15939]🔒
124959Adobe Acrobat Reader out-of-bounds write [CVE-2018-12861]🔒
124958Adobe Acrobat Reader out-of-bounds write [CVE-2018-12860]🔒
124957Adobe Acrobat Reader out-of-bounds write [CVE-2018-12759]🔒
124956ImageMagick SVG Image File pict.c EncodeImage out-of-bounds read🔒
124955ImageMagick BMP File bmp.c ReadBMPImage resource consumption🔒
124954ImageMagick SVG Image File svg.c SVGStripString out-of-bounds read
124953Linux Kernel KVM guest.c input validation🔒
124952wp-slimstat Plugin HTTP Referer Header cross site scripting [CVE-2015-9273]
124951eXtplorer index.php ext_find_user improper authentication
124950QPDF QPDFWriter.cc unparseChild input validation
124949Git Clone input validation [CVE-2018-17456]🔒
124948VMware Workspace ONE Unified Endpoint Management Console SAML Authentication improper authentication🔒
124947IBM Robotic Process Automation with Automation Anywhere Persistent cross site scripting
124946ImageMagick pcx.c WritePCXImage resource management🔒
124945razorCMS data cross-site request forgery
124944IBM Robotic Process Automation with Automation Anywhere Web UI cross site scripting
124943IBM Spectrum Scale GPFS Command Line Utility access control [CVE-2018-1783]
124942IBM Spectrum Scale GPFS Command Line Utility information disclosure
124941IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1686]
124940IBM QRadar Incident Forensics path traversal [CVE-2018-1649]
124939IBM QRadar Incident Forensics resource management [CVE-2018-1647]
124938Pivotal Container Service IaaS Credential Log credentials management
124937Cisco WebEx Training Center Web-based Management Interface cross site scripting
124936Cisco Unified IP Phone Web-based Management Interface cross site scripting
124935Cisco Prime Infrastructure Server Backup information disclosure
124934Cisco Prime Infrastructure Server Backup information disclosure
124933Cisco WebEx Network Recording Player ARF File input validation
124932Cisco Expressway/TelePresence Video Communication Server input validation
124931Cisco HyperFlex HX Data Platform Web-based UI information disclosure
124930Cisco IOS XR Border Gateway Protocol input validation [CVE-2018-15428]
124929Cisco Connected Safety/Security Unified Computing System Video Surveillance Manager hard-coded credentials
124928Cisco Unity Connection Web-based Interface Stored cross site scripting
124927Cisco Identity Services Engine Web-based Management Interface input validation
124926Cisco Identity Services Engine Web-based Management Interface input validation
124925Cisco HyperFlex Software Web UI input validation [CVE-2018-15423]
124924Cisco WebEx Network Recording Player ARF File input validation
124923Cisco WebEx Network Recording Player ARF File input validation
124922Cisco WebEx Network Recording Player ARF File input validation
124921Cisco WebEx Network Recording Player ARF File input validation
124920Cisco WebEx Network Recording Player ARF File input validation
124919Cisco WebEx Network Recording Player ARF File input validation
124918Cisco WebEx Network Recording Player ARF File input validation
124917Cisco WebEx Network Recording Player ARF File input validation
124916Cisco WebEx Network Recording Player ARF File input validation
124915Cisco WebEx Network Recording Player ARF File input validation
124914Cisco WebEx Network Recording Player ARF File input validation
124913Cisco WebEx Network Recording Player ARF File memory corruption
124912Cisco WebEx Network Recording Player ARF File memory corruption
124911Cisco WebEx Network Recording Player ARF File input validation
124910Cisco WebEx Network Recording Player ARF File input validation
124909Cisco HyperFlex Software Installation information disclosure
124908Cisco UCS Director Web-based Management Interface Stored cross site scripting
124907Cisco Integrated Management Controller Web Interface information disclosure
124906Cisco Integrated Management Controller Web Interface resource management
124905Cisco Emergency Responder redirect [CVE-2018-15403]
124904Cisco Hosted Collaboration Mediation Fulfillment Web-based Management Interface cross-site request forgery
124903Cisco Cloud Services Platform 2100 Web-based Management Interface cross site scripting
124902Cisco ASA/AMP/FirePOWER TCP Syslog Module resource consumption
124901Cisco ASA/Firepower Threat Defense Per-User-Override access control
124900Cisco ASA/Firepower Threat Defense TFC over IPsec key management
124899Cisco Unity Connection Bulk Administration Tool resource management
124898Cisco Industrial Network Director DHCP Service resource management
124897Cisco Remote PHY Software IPv4 Fragment resource management [CVE-2018-15391]
124896Cisco Firepower Threat Defense FTP Inspection Engine resource management🔒
124895Cisco Prime Collaboration Provisioning Administrative Web Interface credentials management
124894Cisco SD-WAN Solution input validation [CVE-2018-15387]
124893Cisco Digital Network Architecture config [CVE-2018-15386]
124892Cicoandcico ASA/Firepower Threat Defense Cryptographic Hardware Accelerator Driver resource consumption🔒
124891Cisco HyperFlex System Remote Code Execution [CVE-2018-15382]
124890Cisco Prime Infrastructure HTTP Web Server permission [CVE-2018-15379]🔒
124889Cisco IOS/IOS XE Network Plug/Play resource consumption [CVE-2018-15377]
124888Cisco IOS Embedded Test Subsystem write-what-where condition
124887Cisco IOS Embedded Test Subsystem write-what-where condition
124886Cisco IOS XE Digital Signature Verification signature verification
124885Cisco IOS/IOS XE CDP resource management [CVE-2018-15373]
124884Cisco IOS XE MACsec Key Agreement access control [CVE-2018-15372]
124883Cisco IOS XE Shell Access Request Mechanism access control [CVE-2018-15371]
124882Cisco Catalyst 6800 IOS ROM Monitor access control [CVE-2018-15370]
124881Cisco IOS/IOS XE TACACS+ Client Subsystem input validation [CVE-2018-15369]
124880Cisco IOS XE CLI Parser input validation [CVE-2018-15368]
1248791Password App input validation [CVE-2018-13042]
124878Cloud Foundry Log Cache log file [CVE-2018-1264]
124877Apache PDFbox PDF File input validation [CVE-2018-11797]🔒
124876Apache Ranger UnixAuthenticationService memory corruption [CVE-2018-11778]
124875Cloud Foundry BOSH UAA improper authorization [CVE-2018-11083]
124874Cloud Foundry UAA MFA Code credentials management [CVE-2018-11082]
124873Pivotal Operations Manager Config credentials management [CVE-2018-11081]
124872Dell EMC Unity OE/UnityVSA OE File Permission permission [CVE-2018-11064]
124871Cisco ISR G2/ISR4451-X data processing [CVE-2018-0485]
124870Cisco IOS XE command injection [CVE-2018-0481]🔒
124869Cisco IOS XE VLAN race condition [CVE-2018-0480]🔒
124868Cisco IOS XE CLI Parser command injection [CVE-2018-0477]🔒
124867Cisco IOS XE NAT SIP ALG resource management [CVE-2018-0476]🔒
124866Cisco IOS/IOS XE Cluster Feature input validation [CVE-2018-0475]🔒
124865Cisco IOS PTP Subsystem resource management [CVE-2018-0473]🔒
124864Cisco IOS XE/ASA 5500-X IPsec Driver input validation [CVE-2018-0472]🔒
124863Cisco IOS XE Cisco Discovery Protocol resource consumption [CVE-2018-0471]🔒
124862Cisco IOS XE Web Framework resource management [CVE-2018-0470]🔒
124861Cisco IOS XE Web User Interface double free [CVE-2018-0469]🔒
124860Cisco IOS/IOS XE IPv6 input validation [CVE-2018-0467]🔒
124859Cisco IOS/IOS XE Open Shortest Path First Version 3 resource management🔒
124858Cisco Small Business 300 Web-based Management Interface cross site scripting
124857Cisco Data Center Network Manager Management Interface path traversal🔒
124856Cisco Network Services Orchestrator Network Plug/Play access control
124855Cisco Enterprise NFV Infrastructure Software User Management input validation
124854Cisco Enterprise NFV Infrastructure Software REST API improper authorization
124853Cisco Enterprise NFV Infrastructure Software Web-based Management Interface improper authorization
124852Cisco Prime Collaboration Assurance Web-based Management Interface cross site scripting
124851Cisco WebEx Player resource management [CVE-2018-0457]
124850Cisco Firepower System Software SMBv2/SMv3 data processing [CVE-2018-0455]
124849Cisco Cloud Services Platform 2100 Web-based Management Interface command injection
124848Cisco Firepower Threat Defense Sourcefire Tunnel Control Channel Protocol access control
124847Cisco Tetration Analytics Web-based Management Interface cross site scripting
124846Cisco Tetration Analytics Web-based Management Interface cross-site request forgery
124845Cisco Data Center Network Manager Web-based Management Interface cross site scripting
124844Cisco Digital Network Architecture Center Identity Management inadequate encryption
124843Cisco Email Security Appliance Anti-Spam Protection Mechanism access control
124842Cisco Industrial Network Director Web-based Management Interface cross-site request forgery
124841Cisco Packaged Contact Center Enterprise Web-based Management Interface cross-site request forgery
124840Cisco Packaged Contact Center Enterprise Web-based Management Interface Stored cross site scripting
124839Cisco Data Center Network Manager Web Interface access control
124838Cisco Meeting Server Web-based Management Interface cross-site request forgery
124837Cisco Umbrella Enterprise Roaming Client access control [CVE-2018-0438]
124836Cisco Umbrella Enterprise Roaming Client access control [CVE-2018-0437]
124835Cisco WebEx Teams access control [CVE-2018-0436]
124834Cisco Umbrella API improper authentication [CVE-2018-0435]
124833Cisco SD-WAN Solution Zero Touch Provisioning certificate validation
124832Cisco SD-WAN Solution CLI command injection [CVE-2018-0433]
124831Cisco SD-WAN Solution Error Reporting access control [CVE-2018-0432]
124830Cisco Integrated Management Controller Web-based Management Console command injection
124829Cisco Integrated Management Controller Web-based Management Console command injection
124828Cisco RV110W/RV130W/RV215W Web-based Management Interface path traversal
124827Cisco RV110W/RV130W/RV215W Web-based Management Interface access control
124826Cisco RV110W/RV130W/RV215W Web-based Management Interface command injection
124825Cisco RV110W/RV130W/RV215W Web-based Management Interface memory corruption
124824Cisco Webex Meetings Client Folder Permission Stored permission assignment
124823Cisco Prime Access Registrar TCP Connection Management resource management
124822Cisco Secure Access Control Server Web UI xml external entity reference
124821Cisco RV180W/RV220W Web Framework path traversal [CVE-2018-0405]
124820Cisco RV180W/RV220W Web Framework SQL sql injection
124819Cisco IOS/IOS XE VLAN Trunking Protocol input validation [CVE-2018-0197]
124818videowhisper-video-presentation Plugin vw_upload.php code injection
124817wp-db-backup Plugin Access Control Brute Force information disclosure
124816Karo Gem command injection [CVE-2014-10075]
124815Ice Cold Apps Servers Ultimate Network Services improper authentication
124814NetApp E-Series SANtricity OS Controller Software input validation
124813IBM Financial Transaction Manager for Digital Payments for Multi-Platform sql injection
124812GNU libiberty cp-demangle.c cplus_demangle_type resource consumption
124811ISPConfig Regular Expression incorrect regex [CVE-2018-17984]
124810Mercurial Manifest Entry manifest.c out-of-bounds read🔒
124809Carestream Vue RIS/RIS Client Error information disclosure [CVE-2018-17891]
124808Coast CMS Stored cross site scripting [CVE-2018-17876]
124807Verba Collaboration Compliance Permission permission [CVE-2018-17872]
124806Verba Collaboration Compliance Access Control access control
124805Navigate CMS navigate_upload.php Stored cross site scripting
124804IBM Financial Transaction Manager Log File information disclosure
124803PHP Scripts Mall Open Source Real-Estate Script img Directory path traversal
124802PHP Scripts Mall Website Seller Script Keyword cross site scripting
124801PHP Scripts Mall Market Place Script Keyword cross site scripting
124800PHP Scripts Mall Domain Lookup Script Search Bar cross site scripting
124799PHP Scripts Mall Olx Clone cross site scripting [CVE-2018-16326]
124798IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1604]
124797IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1603]
124796IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1602]
124795MediaWiki Web Access .htaccess information disclosure
124794SuSE Linux SMT Sibling Server improper authentication [CVE-2018-12472]🔒
124793SuSE Linux SMT Blocking Element xml external entity reference🔒
124792SuSE Linux SMT RegistrationSharing sql injection [CVE-2018-12470]🔒
124791Apache Tomcat URL redirect [CVE-2018-11784]🔒
124790MediaWiki BotPasswords access control [CVE-2018-0505]🔒
124789MediaWiki logid log file🔒
124788MediaWiki access control [CVE-2018-0503]🔒
124787Apache Pony Mail Statistics Generator information disclosure
124786VideoWhisper videowhisper-video-conference-integration Plugin vw_upload.php unrestricted upload
124785McAfee Threat Intelligence Exchange SSH Host Key Generation cryptographic issues
124784McAfee Data Loss Prevention Endpoint improper authentication
124783HP Printer/MFP cross-site request forgery [CVE-2018-5921]
124782Foxit PDF Reader Javascript Engine use after free [CVE-2018-3995]🔒
124781Foxit PDF Reader Javascript Engine use after free [CVE-2018-3994]🔒
124780Foxit PDF Reader Javascript Engine use after free [CVE-2018-3993]🔒
124779Foxit PDF Reader Javascript Engine use after free [CVE-2018-3967]🔒
124778Foxit PDF Reader Javascript Engine use after free [CVE-2018-3966]🔒
124777Foxit PDF Reader Javascript Engine use after free [CVE-2018-3965]🔒
124776Foxit PDF Reader Javascript Engine use after free [CVE-2018-3964]🔒
124775Foxit PDF Reader Javascript Engine use after free [CVE-2018-3946]🔒
124774tcpreplay en10mb.c dlt_en10mb_encode memory corruption🔒
IDTitleNessusOpenVASSnortSuricataTippingPoint
124773Linux Kernel base.c proc_pid_stack access control🔒
124772Samsung SCX-6545X SNMP Service credentials management [CVE-2018-17969]
124771ImageMagick bgr.c ReadBGRImage resource management
124770ImageMagick pdb.c WritePDBImage resource management🔒
124769ImageMagick sgi.c WriteSGIImage resource management🔒
124768Snazzy Maps Plugin cross site scripting [CVE-2018-17947]
124767Tribulant Slideshow Gallery Plugin cross site scripting [CVE-2018-17946]
124766Gnulib vasnprintf.c convert_to_decimal memory corruption🔒
124765IBM WebSphere Application Server Oauth cross site scripting [CVE-2018-1794]
124764Synacor Zimbra Collaboration input validation [CVE-2018-17938]
124763IBM WebSphere Application Server SAML cross site scripting [CVE-2018-1793]
124762D-Link DIR-823G GoAhead Configuration HNAP1 password recovery
124761D-Link DIR-823G GoAhead Configuration HNAP1 input validation
124760Multi-Tech FaxFinder sql injection [CVE-2018-17562]
124759Naviwebs Navigate CMS File Upload navigate_upload.php unrestricted upload
124758Naviwebs Navigate CMS login.php sql injection
124757strongSwan gmp Plugin memory corruption [CVE-2018-17540]🔒
124756OPAC EasyWeb Five sql injection [CVE-2018-17428]
124755Zahir Accounting Enterprise Plus CSV File memory corruption [CVE-2018-17408]
124754Progress Sitefinity CMS Identity Server cross site scripting
124753Progress Sitefinity CMS Identity Server cross site scripting
124752GitLab Community Edition/Enterprise Edition information disclosure
124751GitLab Community Edition/Enterprise Edition Merge Request Changes View Persistent cross site scripting
124750GitLab Community Edition/Enterprise Edition Sidekiq Log log file
124749GitLab Community Edition/Enterprise Edition API Repository Storage improper authorization
124748Delta Electronics ISPSoft out-of-bounds read [CVE-2018-14800]
124747OPC Foundation UA Client Application certificate validation [CVE-2018-12087]
124746HP Notebook BIOS Password credentials management
124745Google Android inode.c sdcardfs_mkdir access control
124744Google Android file.c sdcardfs_open use after free
124743Google Android fork.c copy_process double free
124742Google Android XfrmController.cpp ipSecSetEncapSocketOwner 7pk security
124741Google Android smp_act.cc smp_proc_enc_info information disclosure
124740Google Android smp_act.cc smp_proc_master_id information disclosure
124739Google Android Bluetooth smp_act.cc smp_process_keypress_notification out-of-bounds read
124738Google Android bta_av_act.cc bta_av_proc_meta_cmd out-of-bounds read
124737Google Android avrc_api.cc avrc_msg_cback out-of-bounds read
124736Google Android mca_cact.cc mca_ccb_hdl_req out-of-bounds read
124735Google Android sdp_discovery.cc sdp_copy_raw_data out-of-bounds write
124734Google Android rfc_ts_frames.cc rfc_process_mx_message out-of-bounds read
124733Google Android Bluetooth Service rfc_ts_frames.cc rfc_process_mx_message out-of-bounds read
124732Google Android Factory Reset Protection access control [CVE-2018-9501]
124731Google Android iCrypto.cpp readVector information disclosure
124730Google Android SkSampler.cpp Fill out-of-bounds write
124729Google Android impeg2_format_conv.s impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 out-of-bounds write
124728Google Android ixheaacd_esbr_fft.c ixheaacd_real_synth_fft_p3 out-of-bounds write
124727Google Android Download Manager sql injection [CVE-2018-9493]
124726Google Android ActivityManagerService.java checkGrantUriPermissionLocked permission
124725Google Android NdkMediaCodec.cpp AMediaCodecCryptoInfo_new integer overflow
124724Google Android elements.cc CollectValuesOrEntriesImpl type conversion
124723Google Android Bluetooth Service avrc_pars_tg.cc avrc_pars_browsing_cmd use after free
124722Google Android ihevcd_parse_headers.c ihevcd_parse_sei_payload integer overflow
124721Google Android Layout.java getOffsetForHorizontal input validation
124720Lenovo IdeaPad BIOS Flash Device Lock race condition [CVE-2018-9069]
124719NVIDIA GeForce Experience GameStream information disclosure [CVE-2018-6262]
124718NVIDIA GeForce Experience GameStream permission [CVE-2018-6261]
124717Foxit PDF Reader Javascript Engine use after free [CVE-2018-3962]🔒
124716Foxit PDF Reader Javascript Engine use after free [CVE-2018-3961]🔒
124715Foxit PDF Reader Javascript Engine use after free [CVE-2018-3960]🔒
124714Foxit PDF Reader Javascript Engine use after free [CVE-2018-3959]🔒
124713Foxit PDF Reader Javascript Engine use after free [CVE-2018-3958]🔒
124712Foxit PDF Reader Javascript Engine use after free [CVE-2018-3957]🔒
124711Foxit PDF Reader Javascript Engine use after free [CVE-2018-3944]🔒
124710Foxit PDF Reader Javascript Engine use after free [CVE-2018-3943]🔒
124709JEESNS Incomplete Fix cross site scripting [CVE-2018-17886]
124708Gwolle Guestbook gb-dashboard-widget.php cross site scripting
124707D-Link DIR-823G GoAhead Configuration HNAP1 command injection
124706D-Link DIR-823G ExportSettings.sh access control
124705Zoho ManageEngine AssetExplorer AssetDef.do Stored cross site scripting
124704Fork CMS Backend ajax Stored cross site scripting
124703AirTies Air 5443v2 top.html cross site scripting
124702AirTies Air 5453 top.html cross site scripting
124701AirTies Air 5343v2 top.html cross site scripting
124700AirTies Air 5442 top.html cross site scripting
124699AirTies Air 5650 top.html cross site scripting
124698AirTies Air 5021 top.html cross site scripting
124697AirTies Air 5750 top.html cross site scripting
124696Django Password Hash credentials management [CVE-2018-16984]🔒
124695IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1692]
124694IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1691]
124693IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1605]
124692IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1601]
124691IBM Multi-Cloud Data Encryption inadequate encryption [CVE-2018-1593]
124690MensaMax DES hard-coded credentials [CVE-2018-15753]
124689MensaMax information disclosure [CVE-2018-15752]
124688IBM Rational Collaborative Lifecycle Management Web UI cross site scripting
124687IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1557]
124686Intelliants Subrion CMS cross site scripting [CVE-2018-15563]
124685IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1522]
124684IBM Security Guardium EcoSystem Certificate Validation certificate validation
124683IBM Security Guardium EcoSystem Credential Storage credentials management
124682Entes EMG12 Web Interface input validation [CVE-2018-14826]
124681Entes EMG12 Web Interface information disclosure [CVE-2018-14822]
124680IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1440]
124679IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1439]
124678IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1405]
124677IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1404]
124676IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1403]
124675IBM Rational Quality Manager Web UI cross site scripting [CVE-2018-1395]
124674openSUSE Open Build Service obs-service-tar_scm path traversal
124673Puppet cisco_ios SSH Session Credentials credentials management
124672Puppet cisco_ios SSH Connection input validation [CVE-2018-11750]
124671Puppet device_manager Configuration File Credentials credentials management
124670Dell Digital Delivery DLL injection [CVE-2018-11072]
124669GE Communicator Gigasoft memory corruption [CVE-2017-7908]
124668IBM Rational Quality Manager Web UI cross site scripting [CVE-2017-1649]
124667Atlantis Word Processor Office Open XML Parser memory corruption
124666Atlantis Word Processor Office Open XML Parser double free [CVE-2018-4000]
124665Atlantis Word Processor JPEG Parser memory corruption [CVE-2018-3999]
124664Atlantis Word Processor Windows Enhanced Metafile Parse memory corruption
124663Atlantis Word Processor Word Document Parser memory corruption
124662Atlantis Word Processor Word Document Parser out-of-bounds write
124661Atlantis Word Processor Word Document Parser memory corruption
124660Atlantis Word Processor Word Document Parser out-of-bounds write
124659Atlantis Word Processor RTF Parser out-of-bounds write [CVE-2018-3975]
124658ExpressionEngine Reflected cross site scripting [CVE-2018-17874]
124657Btiteam XBTIT account_change.php redirect
124656Dasan H660GW cross-site request forgery [CVE-2018-17869]
124655Dasan H660GW Port Forwarding Stored cross site scripting
124654Dasan H660GW Port Forwarding adv_nat_virsvr.asp command injection
124653IBM WebSphere Portal improper authentication [CVE-2018-1672]
124652TP-LINK TL-WRN841N Web Interface cross-site request forgery [CVE-2018-15702]
124651TP-LINK TL-WRN841N Web Interface input validation [CVE-2018-15701]
124650TP-LINK TL-WRN841N Web Interface input validation [CVE-2018-15700]
124649Emerson AMS Device Manager access control [CVE-2018-14808]
124648Emerson AMS Device Manager Script code injection [CVE-2018-14804]
124647Fuji FRENIC LOADER Comment memory corruption [CVE-2018-14802]
124646Fuji FRENIC LOADER FNC File out-of-bounds read [CVE-2018-14798]
124645Fuji Alpha5 Smart Loader Project File memory corruption [CVE-2018-14794]
124644Fuji FRENIC LOADER memory corruption [CVE-2018-14790]
124643Fuji Alpha5 Smart Loader File Parser memory corruption [CVE-2018-14788]
124642IBM WebSphere Portal Access Control access control [CVE-2018-1420]
124641Martem TELEM GW6-GWM RTU access control [CVE-2018-10605]
124640the-holiday-calendar Plugin cross site scripting [CVE-2015-9270]
124639wordpress-mobile-pack Plugin JSON content.php information disclosure
124638SIMDComp Incomplete Fix out-of-bounds read [CVE-2018-17854]
124637WUZHI CMS card.php sql injection
124636JsonCpp json_reader.cpp readValue denial of service
124635JsonCpp json_value.cpp clear denial of service
124634Google Go html Package data processing [CVE-2018-17848]
124633Google Go html Package input validation [CVE-2018-17847]
124632Google Go html Package resource management [CVE-2018-17846]
124631JTBC(PHP) path traversal [CVE-2018-17838]
124630JTBC(PHP) input validation [CVE-2018-17837]
124629JTBC(PHP) input validation [CVE-2018-17836]
124628GetSimple CMS settings.php Stored cross site scripting
124627WUZHI CMS index.php cross site scripting
124626Redaxo list.php prepareQuery sql injection
124625Redaxo index.php cross site scripting
124624ZZIPlib unzzipcat-mem.c unzzip_cat path traversal🔒
124623HisiPHP AdminPlugins.php code injection
124622HisiPHP adduser.html cross-site request forgery
124621AdPlug emuopl.cpp CEmuopl double free🔒
124620SIMDComp out-of-bounds read [CVE-2018-17427]
124619Nullsoft Scriptable Install System Protection Mechanism Version.dll input validation🔒
124618Nullsoft Scriptable Install System Temp Folder access control🔒
124617zzcms ztconfig.php access control
124616zzcms zssave.php path traversal
124615MRCMS WebParam.java getChannel sql injection
124614LibTIFF tiff2pdf.c t2p_write_pdf memory corruption🔒
124613GNU libiberty cplus-dem.c null pointer dereference
124612Virtualenv Sandbox 7pk security [CVE-2018-17793]
124611Blynk blynk-server path traversal [CVE-2018-17785]
124610PTC ThingWorx Platform SQUEAL Search Reflected cross site scripting
124609PTC ThingWorx Platform hard-coded credentials [CVE-2018-17217]
124608PTC ThingWorx Platform Password Hash information disclosure [CVE-2018-17216]
124607Foxit PhantomPDF/Reader information disclosure [CVE-2018-17781]🔒
124606Telegram Desktop/App P2P Connection IP Address information disclosure
124605Iomega/Lenovo/LenovoEMC NAS Password Change Session Token session fixiation
124604Iomega/Lenovo/LenovoEMC NAS Self cross site scripting [CVE-2018-9081]
124603Iomega/Lenovo/LenovoEMC NAS Cookie improper authentication [CVE-2018-9080]
124602Iomega/Lenovo/LenovoEMC NAS JavaScript DOM-Based argument injection
124601Iomega/Lenovo/LenovoEMC NAS Content Explorer 7pk security [CVE-2018-9078]
124600Iomega/Lenovo/LenovoEMC NAS Share Name command injection [CVE-2018-9077]
124599Iomega/Lenovo/LenovoEMC NAS Share Name command injection [CVE-2018-9076]
124598Iomega/Lenovo/LenovoEMC NAS PersonalCloud Setup command injection
124597Iomega/Lenovo/LenovoEMC NAS Content Explorer path traversal [CVE-2018-9074]
124596FreeBSD IPv6 Protocol Control Block Flag null pointer dereference
124595TP-LINK EAP Controller RMI Service missing authentication [CVE-2018-5393]
124594PCProtect Anti-Virus access control [CVE-2018-17776]
124593FreeBSD Userland Kernel Memory information disclosure
124592FreeBSD System Call freebsd4_getfsstat null pointer dereference
124591IBM Platform Symphony/Spectrum Symphony redirect [CVE-2018-1704]
124590IBM Platform Symphony/Spectrum Symphony XML Data xml external entity reference
124589Dell EMC ESRS Policy Manager JMX Service config [CVE-2018-15764]
124588Trend Micro Deep Discovery Inspector Reflected cross site scripting
124587389 Directory Server Search Query do_search resource management🔒
124586Dell EMC Unity/UnityVSA redirect [CVE-2018-1251]
124585Dell EMC Unity/UnityVSA Unisphere improper authorization [CVE-2018-1250]
124584Dell EMC Unity/UnityVSA Unisphere Reflected cross site scripting
124583Dell EMC RSA Authentication Manager Security Console Page Reflected cross site scripting🔒
124582Dell EMC RSA Authentication Manager MadCap Flare Help File DOM-Based cross site scripting🔒
124581Dell EMC RSA Authentication Manager Operations Console Stored cross site scripting🔒
124580Telegram Desktop Proxy credentials management [CVE-2018-17613]
124579Foxit PhantomPDF/Reader use after free [CVE-2018-17611]
124578Foxit PhantomPDF/Reader use after free [CVE-2018-17610]
124577Foxit PhantomPDF/Reader use after free [CVE-2018-17609]
124576Foxit PhantomPDF/Reader use after free [CVE-2018-17608]
124575Foxit PhantomPDF/Reader use after free [CVE-2018-17607]
124574Asset Pipeline Plugin path traversal [CVE-2018-17605]
124573tcpreplay send_packets.c get_next_packet memory corruption🔒
124572Exiv2 crwimage_int.cpp readDirectory resource consumption
124571tcpreplay send_packets.c fast_edit_packet memory corruption🔒
124570SWA SWA.JACAD sql injection [CVE-2018-17575]
124569YMFE YApi Project Stored cross site scripting
124568Wp-Insert Plugin browser.html unrestricted upload
124567Vanilla Profile cross site scripting [CVE-2018-17571]
124566HPE enhanced Internet Usage Manager input validation [CVE-2018-7109]
124565HPE StorageWorks XP7 Automation Director improper authentication
124564HPE Device Entitlement Gateway sql injection [CVE-2018-7107]
124563HPE iLO 4/iLO 5 information disclosure [CVE-2018-7106]
124562HPE iLO 4/iLO 5 7pk security [CVE-2018-7105]
124561HPE Intelligent Management Center input validation [CVE-2018-7104]
124560HPE Intelligent Management Center input validation [CVE-2018-7103]
124559HPE Intelligent Management Center PLAT createFabricAutoCfgFile path traversal
124558HPE iLO 4/iLO 5 input validation [CVE-2018-7101]
124557IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1820]
124556Jekyll _config.yml link following
124555AlphaIndex Dictionaries sql injection [CVE-2018-17397]
124554Timetable Schedule sql injection [CVE-2018-17394]
124553Super CMS Blog Pro authors_post.php sql injection
124552Social Factory sql injection [CVE-2018-17385]
124551Swap Factory sql injection [CVE-2018-17384]
124550Collection Factory sql injection [CVE-2018-17383]
124549Jobs Factory sql injection [CVE-2018-17382]
124548Article Factory Manager sql injection [CVE-2018-17380]
124547Raffle Factory sql injection [CVE-2018-17379]
124546Penny Auction Factory sql injection [CVE-2018-17378]
124545Questions sql injection [CVE-2018-17377]
124544Reverse Auction Factory sql injection [CVE-2018-17376]
124543Music Collection sql injection [CVE-2018-17375]
124542IBM WebSphere Portal redirect [CVE-2018-1736]
124541IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1716]🔒
124540Progress Sitefinity CMS ServiceStack cross site scripting [CVE-2018-17056]
124539Progress Sitefinity CMS Image Upload unrestricted upload [CVE-2018-17055]
124538Rausoft ID.prove Login Page sql injection [CVE-2018-16659]
124537IBM WebSphere Portal Web UI cross site scripting [CVE-2018-1660]🔒
124536Open Ticket Request System Email input validation [CVE-2018-16587]🔒
124535Open Ticket Request System Email External input validation🔒
124534XWiki Image Import cross site scripting [CVE-2018-16277]
124533Avaya Aura Communication Manager Local System Administration access control
124532CMS ISWEB downloadFile.php path traversal
124531CMS ISWEB sql injection [CVE-2018-14956]
124530Delta Electronics Delta Industrial Automation PMSoft out-of-bounds read
124529sos-collector Permission tmp permission🔒
124528Progress Kendo UI Editor WYSIWYG Editor kendo.all.min.js toEditableHtml Reflected cross site scripting
124527Philips e-Alert Unit hard-coded credentials [CVE-2018-8856]
124526Philips e-Alert Unit resource consumption [CVE-2018-8854]
124525Philips e-Alert Unit Session Identifier session fixiation [CVE-2018-8852]
124524Philips e-Alert Unit input validation [CVE-2018-8850]
124523Philips e-Alert Unit permission [CVE-2018-8848]
124522Philips e-Alert Unit cross site scripting [CVE-2018-8846]
124521Philips e-Alert Unit cross-site request forgery [CVE-2018-8844]
124520Philips e-Alert Unit information disclosure [CVE-2018-8842]
124519Huawei Toronto-TL10 information disclosure [CVE-2018-7907]
124518ZTE MF65/MF65M1 Reflected cross site scripting [CVE-2018-7355]
124517Lithium Epee Library Deserialization deserialization [CVE-2018-3972]
124516IBM Tivoli Storage Manager inadequate encryption [CVE-2018-1785]
124515IBM Spectrum Protect Plus Instrumentation Log File log file [CVE-2018-1768]
124514ViaBTC Exchange Server ut_ws_svr.c integer overflow
124513ViaBTC Exchange Server nw_buf.c integer overflow
124512ViaBTC Exchange Server ut_rpc.c integer overflow
124511Quest ThinkPHP sql injection [CVE-2018-17566]
124510MODX Revolution Create New Media Source Stored cross site scripting
124509Arris TG2492LG-NA 061213 snmpGet information disclosure
124508AXON Evidence Sync Process injection [CVE-2018-17538]
124507iWay Data Quality Suite Web Console xml external entity reference
124506Horus CMS busca sql injection
124505SeaCMS input validation [CVE-2018-17365]
124504Ricoh MP C6003 Wizard adrsSetUserWizard.cgi Stored cross site scripting
124503Ricoh MP C2003 Wizard adrsSetUserWizard.cgi Stored cross site scripting
124502Ricoh Aficio MP 305+ Wizard adrsSetUserWizard.cgi Stored cross site scripting
124501Ricoh MP C307 Wizard adrsSetUserWizard.cgi Stored cross site scripting
124500Ricoh Aficio MP 301 Wizard adrsSetUserWizard.cgi Stored cross site scripting
124499Ricoh MP C6503 Plus Wizard adrsSetUserWizard.cgi Stored cross site scripting
124498Ricoh MP C1803 JPN Wizard adrsSetUserWizard.cgi Stored cross site scripting
124497Ricoh MP C406Z Wizard adrsSetUserWizard.cgi Stored cross site scripting
124496AssoCIateD Postman X.509 Certificate Validation certificate validation
124495LINE e108 cross-site request forgery [CVE-2018-17081]
124494Citrix ShareFile StorageZones Controller Error Message information disclosure
124493Citrix ShareFile StorageZones Controller path traversal [CVE-2018-16968]
124492IBM WebSphere Application Server Liberty ORB Communication information disclosure
124491IObit Advanced SystemCare Monitor_win10_x64.sys memory corruption
124490IObit Advanced SystemCare Monitor_win10_x64.sys Memory information disclosure
124489IObit Advanced SystemCare Monitor_win10_x64.sys memory corruption
124488Circontrol CirCarLife JSON setup.json information disclosure
124487SuSE Linux Enterprise shadow Package useradd.c access control🔒
124486Zoho ManageEngine Applications Manager SMB Share deserialization
124485Exponent strongSwan IKEv2 Authentication gmp_rsa_public_key.c verify_emsa_pkcs1_signature signature verification🔒
124484Exponent strongSwan IKEv2 Authentication gmp_rsa_public_key.c verify_emsa_pkcs1_signature signature verification🔒
124483IBM Rational Doors Next Generation Web UI cross site scripting
124482pfSense status_interfaces.php dhcp_relinquish_lease command injection🔒
124481Exponent Openswan IKEv2 Signature Bleichenbacher signature verification
124480SalesAgility SuiteCRM Error Message cross site scripting [CVE-2018-15606]
124479Quest JavaMelody PayloadNameRequestWrapper.java parseSoapMethodName xml external entity reference
124478IBM Spectrum Protect access control [CVE-2018-1550]
124477IBM Tivoli Storage Manager inadequate encryption [CVE-2018-1545]
124476Fuji Electric V-Server memory corruption [CVE-2018-14823]
124475Fuji Electric V-Server out-of-bounds read [CVE-2018-14819]
124474Fuji Electric V-Server integer underflow [CVE-2018-14817]
124473Fuji Electric V-Server out-of-bounds write [CVE-2018-14815]
124472Fuji Electric V-Server memory corruption [CVE-2018-14813]
124471Fuji Electric V-Server null pointer dereference [CVE-2018-14811]
124470Fuji Electric V-Server use after free [CVE-2018-14809]
124469Philips e-Alert Unit HTTP Response Header Banner information disclosure
124468Alcatel EE EE40VB 4G OSPREY3_MINI Modem ServiceManager.exe access control
124467WECON LeviStudio Project File memory corruption [CVE-2018-10606]
124466WECON LeviStudio Project File memory corruption [CVE-2018-10602]
124465Inedo ProGet Advanced Settings cross-site request forgery [CVE-2017-15608]
124464Google Chrome Omnibox input validation [CVE-2018-6119]🔒
124463Google Chrome Catalog Service input validation [CVE-2018-6055]🔒
124462IBM DataPower Gateway XML Data xml external entity reference
124461IBM DataPower Gateway Appliance AMP Management Interface Credentials 7pk security
124460IBM Rational Engineering Lifecycle Manager Web UI cross site scripting
124459IBM Rational Engineering Lifecycle Manager XML Data xml external entity reference
124458IBM Rational Engineering Lifecycle Manager XML Data xml external entity reference
124457IBM Rational Engineering Lifecycle Manager Web UI cross site scripting
124456IBM Rational Engineering Lifecycle Manager improper authentication
124455Linux Kernel create_elf_tables integer overflow🔒
124454Adobe Acrobat Reader out-of-bounds read [CVE-2018-12850]🔒
124453Adobe Acrobat Reader out-of-bounds read [CVE-2018-12849]🔒
124452Adobe Acrobat Reader out-of-bounds write [CVE-2018-12848]🔒
124451Adobe Acrobat Reader out-of-bounds read [CVE-2018-12840]🔒
124450Adobe Acrobat Reader out-of-bounds read [CVE-2018-12801]🔒
124449Adobe Acrobat Reader out-of-bounds read [CVE-2018-12778]🔒
124448Adobe Acrobat Reader out-of-bounds read [CVE-2018-12775]🔒
124447Apache HTTP Server SETTINGS Frame input validation [CVE-2018-11763]🔒
124446McAfee True Key Microsoft Windows Client untrusted search path
124445McAfee True Key cross site scripting [CVE-2018-6682]
124444HDF5 H5S.c H5S_extent_get_dims memory corruption
124443HDF5 H5Dselect.c H5D__select_io divide by zero
124442HDF5 H5Odtype.c H5O_dtype_decode_helper resource management
124441HDF5 decompress.c ReadCode out-of-bounds write
124440HDF5 H5Oattr.c H5O_attr_decode memory corruption
124439HDF5 h5repack_filters.c apply_filters divide by zero
124438HDF5 gifread.c ReadGifImageDesc memory corruption
124437HDF5 H5Osdspace.c H5O_sdspace_encode null pointer dereference
124436Asterisk PBX res_http_websocket.so resource management🔒
124435Tgstation tgstation-server Login Cache credentials management
124434Localize My Post Plugin include.php path traversal
124433Wechat Broadcast Plugin Image.php path traversal
124432Avaya Management System Supervisor information disclosure [CVE-2018-15615]
124431Honeywell EDA51 Application access control [CVE-2018-14825]
124430Python Elementtree C Accelerator Collision resource management🔒
124429Linux Kernel ISCSI Target Code chap_server_compute_md5 memory corruption🔒
124428Samsung Galaxy S8 IPCP Header input validation [CVE-2018-14318]
124427Druide Antidote access control [CVE-2018-13140]
124426CryptoSaga random RNG weak prng
124425Samsung Members Intent access control [CVE-2018-11614]
124424Samsung GALAXY Apps Staging Mode access control [CVE-2018-10502]
124423Samsung Notes ZIP File access control [CVE-2018-10501]
124422Samsung GALAXY Apps Push Message access control [CVE-2018-10500]
124421Samsung GALAXY Apps URL input validation [CVE-2018-10499]
124420Samsung Email file:// information disclosure [CVE-2018-10498]
124419Samsung Email EML File access control [CVE-2018-10497]
124418Samsung Internet Browser input validation [CVE-2018-10496]
124417RXTEC RXAdmin sql injection [CVE-2015-8298]
124416TeX Live Type 1 Font writet1.c memory corruption🔒
124415SBIbuddy information disclosure [CVE-2018-17404]
124414PhonePe Wallet com.PhonePe.app credentials management
124413PhonePe Wallet com.PhonePe.app information disclosure
124412PhonePe Wallet Forgot Password com.PhonePe.app password recovery
124411PhonePe Wallet com.PhonePe.app credentials management
124410springboot_authority Stored cross site scripting [CVE-2018-17369]
124409PublicCMS Username credentials management [CVE-2018-17368]
124408MCMS save.do cross-site request forgery
124407OTCMS code injection [CVE-2018-17364]
124406WeaselCMS index.php cross site scripting
124405GNU binutils BFD Library libbfd.c bfd_getl32 memory corruption
124404GNU binutils BFD Library opncls.c bfd_zalloc memory corruption
124403GNU binutils BFD Library syms.c _bfd_stab_section_find_nearest_line memory corruption
124402BigTree CMS Rewrite Routing launch.php improper authentication
124401pdfalto XmlAltoOutputDev.cc dump memory corruption
124400udisks udiskslogging.c udisks_log format string🔒
124399libsvg2 svg_string.c svgGetNextPathField memory corruption
124398libsvg2 svg_types.c svgStringToLength memory corruption
124397libsvg2 svg_string.c svgGetNextPathField resource management
124396Subsonic Media Server podcastReceiverAdmin.view Stored cross site scripting
124395Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124394Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124393Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124392Samsung SmartThings Hub Video-Core HTTP Server memory corruption
124391Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server clips memory corruption
124390Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124389Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124388Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124387Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
124386YUNUCMS index cross site scripting
124385SeaCMS admin_datarelate.php cross site scripting
124384UCMS aaddpost.php Stored cross site scripting
124383FruityWifi PatataWifi command injection
124382xtimor NMEA Library parser.c nmea_parse memory corruption
124381LG SuperSign CMS getThumbnail code injection
124380HylaFAX/HylaFAX+ Dial-In Session CopyQuality.c++ writeECMData input validation🔒
124379PolyAI mintToken integer overflow
124378LimeSurvey Stored cross site scripting [CVE-2018-17003]
124377Ricoh MP 2001 adrsSetUserWizard.cgi Stored cross site scripting
124376Ricoh Printer Wizard adrsSetUserWizard.cgi Stored cross site scripting
124375Zoho ManageEngine SupportCenter Plus ServiceContractDef.do Stored cross site scripting
124374Zoho ManageEngine Desktop Central Features / Articles cross site scripting
124373SeaCMS admin_video.php sql injection
124372SeaCMS admin_template.php Directory unrestricted upload
124371Microsoft Exchange Server Outlook Web Access logon.aspx server-side request forgery
124370DeDeCMS feedback_ajax.php cross site scripting
124369DeDeCMS xml injection [CVE-2018-16784]
124368Linux Kernel overlayfs Mount access control [CVE-2018-16597]🔒
124367DIESER Profields - Project Custom Fields Access Control access control
124366Avaya Aura Orchestration Designer Runtime Config cross site scripting
124365Avaya Aura Orchestration Designer Runtime Config cross-site request forgery
124364Vectra Cognito Brain/Cognito Sensor Management Console access control
124363Vectra Cognito Brain/Cognito Sensor Web Management Console cross site scripting
124362Vectra Cognito Brain/Cognito Sensor CouchDB input validation
124361webpack-dev-server WebSocket Server Server.js input validation
124360Parcel parcel-bundler WebSocket Server HMRServer.js Message information disclosure
124359Browserify-HMR WebSocket Server information disclosure [CVE-2018-14730]
124358SubSonic tagService.setTags.dwr Stored cross site scripting
124357SubSonic General Settings Stored cross site scripting
124356SubSonic Transcoding Setting Stored cross site scripting
124355SubSonic internetRadioSettings.view Stored cross site scripting
124354Wanscam HW0021 ONVIF Service input validation [CVE-2018-13111]
124353Substratum mintToken integer overflow
124352Intel Core Processor Platform Sample Code Firmware improper authentication
124351Wallabag Configuration Page Stored cross site scripting
124350SoftCase T-Router crontab File access control
124349SoftCase T-Router Protocol permission [CVE-2018-11240]
124348gitolite Setup File information disclosure🔒🔒
124347gitolite .gitolite.rc access control
124346Apache Mesos String Comparison validation information disclosure
124345EspoCRM Draft Message wysiwyg.js Stored cross site scripting
124344EspoCRM Search Panel name-field.tpl Reflected cross site scripting
124343CuppaCMS cu_menus Stored cross site scripting
124342Enalean Tuleap Password Reset password recovery [CVE-2018-17298]
124341Hutool ZipUtil.java unzip path traversal
124340Liblouis lou_translateString.c matchCurrentInput out-of-bounds read🔒
124339WAVM wavm.cpp run null pointer dereference
124338WAVM CLI.h loadModule out-of-bounds read
124337Zoho ManageEngine OpManager oputilsServlet sql injection
124336IBM DB2 access control [CVE-2018-1711]
124335IBM DB2 db2licm memory corruption [CVE-2018-1710]
124334IBM DB2 db2cacpy information disclosure [CVE-2018-1685]
124333HAProxy HPACK Decoder hpack_valid_idx out-of-bounds read🔒
124332Foreman smart_proxy_dynflow improper authentication [CVE-2018-14643]🔒
124331ArcSight Management Center 7pk security [CVE-2018-6505]
124330ArcSight Management Center cross-site request forgery [CVE-2018-6504]
124329ArcSight Management Center Access Control access control [CVE-2018-6503]
124328ArcSight Management Center Reflected cross site scripting [CVE-2018-6502]
124327ArcSight Management Center Access Control access control [CVE-2018-6501]
124326ArcSight Management Center path traversal [CVE-2018-6500]
124325Qualcomm Snapdragon Automobile MAC Address Randomizer cryptographic issues
124324Qualcomm Snapdragon Automobile MAC Address Randomizer RNG cryptographic issues
124323Samsung SmartThings Hub STH-ETH-250 WifiScan memory corruption
124322Samsung SmartThings Hub STH-ETH-250 WifiScan memory corruption
124321IBM Sterling B2B Integrator Standard Edition Installation information disclosure
124320Exiv2 value.cpp copy null pointer dereference
124319Navigate CMS navigate.php Reflected cross site scripting
124318JCK Editor links.php sql injection
124317Zoho ManageEngine OpManager Global Search sql injection [CVE-2018-17243]
124316HDF5 H5Dchunk.c H5D__chunk_set_info_real divide by zero
124315libmp4v2 mp4property.cpp MP4Free use after free
124314libmp4v2 MP4 File mp4track.cpp FinishSdtp out-of-bounds read
124313HDF5 H5Ocache.c H5O__chunk_deserialize resource management
124312HDF5 HDF File H5Dchunk.c H5D__create_chunk_file_map_hyper divide by zero
124311docmarionum1 Slack ArchiveBot archivebot.py cursor.execute sql injection
124310Link-Net LW-N605R Ping systools.asp input validation
124309IBM Business Process Manager Back-End Database sql injection
124308Moxa EDR-810 net_WebCADELETEGetValue os command injection
124307Ubisoft Uplay Desktop Client URI upc.exe input validation
124306Rockwell RSLinx Classic Service Port 44818 memory corruption
124305Rockwell RSLinx Classic Service Port 44818 resource consumption
124304Rockwell RSLinx Classic Service Port 44818 memory corruption
124303Tec4Data SmartCooler missing authentication [CVE-2018-14796]
124302CWJoomla CW Article Attachments PRO Extension download.php sql injection
124301Qualcomm Snapdragon Mobile/Snapdragon Wear ASN.1 double free
124300Qualcomm Snapdragon Automobile WLANWMI Command memory corruption
124299Qualcomm Snapdragon Automobile Random Number Generator cryptographic issues
124298Qualcomm Snapdragon Automobile MAC Address Random cryptographic issues
124297Qualcomm Snapdragon Automobile Video input validation [CVE-2018-11287]
124296Qualcomm Snapdragon Automobile FLAC File out-of-bounds read [CVE-2018-11285]
124295Qualcomm Snapdragon Automobile Access Control access control
124294Qualcomm Snapdragon Automobile TFTP Option Parser array index
124293Qualcomm Snapdragon Automobile TFTP Option Parser array index
124292Qualcomm Snapdragon Automobile Deviceprogrammer/Firehose array index
124291Qualcomm Snapdragon Automobile TZ Cold Boot access control [CVE-2017-18314]
124290Qualcomm Snapdragon Automobile/Snapdragon Mobile HLOS Client Kernel Memory race condition
124289Qualcomm Snapdragon Automobile ICE Regulator null pointer dereference
124288Qualcomm Snapdragon Automobile SPI-I2C Interface access control
124287BlackBerry Enterprise Mobility Server path traversal [CVE-2018-8889]
124286Apache Tika IptcAnpaParser resource management [CVE-2018-8017]
124285Google Android DIAG Service memory corruption [CVE-2018-5905]
124284Elasticsearch Alerting/Monitoring API Credentials information disclosure🔒
124283Kibana Source Field Formatter cross site scripting [CVE-2018-3830]🔒
124282Elastic Cloud Enterprise Roles Token access control [CVE-2018-3829]
124281Elastic Cloud Enterprise Log Credentials log file
124280Elasticsearch repository-azure Plugin Log Credentials credentials management🔒
124279Elasticsearch Snapshot API information disclosure [CVE-2018-3826]🔒
124278Elastic Cloud Enterprise Master Encryption Key cryptographic issues
124277X-Pack Machine Learning ML Job cross site scripting [CVE-2018-3824]🔒
124276X-Pack Machine Learning Jobs cross site scripting [CVE-2018-3823]🔒
124275Google Android Linux Kernel input validation [CVE-2018-3574]
124274Google Android Linux Kernel memory corruption [CVE-2018-3573]
124273IBM Spectrum Scale GPFS File System 7pk security [CVE-2018-1782]
124272Telegram Desktop Search input validation [CVE-2018-17231] [Disputed]
124271Exiv2 types.cpp ul2Data memory corruption
124270Exiv2 types.cpp d2Data memory corruption
124269nmap4j command injection [CVE-2018-17228]
124268Linksys Velop Web Interface zbtest.cgi command injection
124267Snap Creek Duplicator installer.php code injection
124266Open vSwitch ofp-actions.c decode_bundle out-of-bounds read🔒
124265Open vSwitch ofproto.c ofproto_rule_insert__ input validation🔒
124264Open vSwitch ofp-util.c input validation [CVE-2018-17204]🔒
124263Artifex Ghostscript Error input validation [CVE-2018-17183]🔒
124262Linux Kernel vmacache.c vmacache_flush_all use after free🔒
124261Bitcoin Core/Bitcoin Knots Duplicate Input input validation [CVE-2018-17144]🔒
124260DeDeCMS Script File XML xml injection
124259Open-AudIT Professional Orgs Page cross site scripting [CVE-2018-16607]
124258WECON PLC Editor memory corruption [CVE-2018-14792]
124257Symantec Messaging Gateway XML Parser xml external entity reference🔒
124256Symantec Messaging Gateway improper authentication [CVE-2018-12242]🔒
124255Google Android Callback null pointer dereference [CVE-2018-11904]
124254Google Android WLAN Host out-of-bounds write [CVE-2018-11903]
124253Google Android WLAN Host array index [CVE-2018-11902]
124252Google Android bss Request out-of-bounds read [CVE-2018-11898]
124251Google Android Diag Event out-of-bounds read [CVE-2018-11897]
124250Google Android WLAN memory corruption [CVE-2018-11895]
124249Google Android Network Offload Scan integer overflow [CVE-2018-11894]
124248Google Android Scan Request memory corruption [CVE-2018-11893]
124247Google Android WLAN Host array index [CVE-2018-11891]
124246Google Android rssi memory corruption [CVE-2018-11889]
124245Google Android MPDU Data Length integer overflow [CVE-2018-11886]
124244Google Android WLAN array index [CVE-2018-11883]
124243Google Android WLAN memory corruption [CVE-2018-11878]
124242Apache Tika evil.bat" path traversal
124241Apache Tika XML Parser Entity Expansion xml external entity reference
124240NUUO NVRMini2 moses 7pk security🔒
124239NUUO NVRMini2 cgi_system memory corruption [CVE-2018-1149]🔒
124238Foscam C1 Indoor HD Camera UPnP Implementation memory corruption
124237Foscam C1 Indoor HD Camera Web Management Interface memory corruption
124236Foscam C1 Indoor HD Camera Multi-Camera Interface access control
124235Foscam C1 Indoor HD Camera Multi-Camera Interface memory corruption
124234Foscam C1 Indoor HD Camera Multi-Camera Interface memory corruption
124233Foscam C1 Indoor HD Camera Web Management Interface command injection
124232Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2855]
124231IBM Tivoli Monitoring access control [CVE-2017-1794]
124230Huawei Mate 10 Factory Reset Protection 7pk security [CVE-2018-7991]
124229Huawei Mate RS Lock Screen access control [CVE-2018-7929]
124228ENSLTP access control [CVE-2018-6693]
124227McAfee Application/Change Control Microsoft Windows Client access control
124226Neato Botvac Connected Drive Command webserver improper authorization
124225Neato Botvac Connected/Botvac 85 Black Box Log rc4_crypt RC4 inadequate encryption
124224Neato Botvac Connected Manual Control Mode webserver improper authentication
124223Marshmallow Library 7pk security [CVE-2018-17175]🔒
124222Western Digital My Cloud improper authentication [CVE-2018-17153]
124221Coinlancer Access Control access control [CVE-2018-17111]
124220Lucky9io weak prng [CVE-2018-17071]
124219Monstra CMS index.php Listing path traversal
124218Monstra CMS index.php path traversal
124217Microsoft Windows Active Directory Federation Services ls server-side request forgery
124216Circontrol CirCarLife device-id information disclosure
124215Circontrol CirCarLife PLC Status devstat.html improper authentication
124214Circontrol CirCarLife/PowerStudio Open Charge Point Protocol config.xml Credentials credentials management
124213Circontrol CirCarLife repository information disclosure
124212Matrix Synapse Signature Validation access control [CVE-2018-16515]🔒
124211QBee MultiSensor Camera Reuse improper authentication [CVE-2018-16225]
124210AccuSoft PrizmDoc PDF File Stored cross site scripting
124209Undertow write information disclosure
124208Linux Kernel ip_fragment.c ip_frag_reasm input validation🔒
124207Smarty isTrustedResourceDir path traversal
124206Atlassian FishEye/Crucible cross-site request forgery [CVE-2018-13398]
124205Google Android WMA memory corruption [CVE-2018-11869]
124204Google Android nan Response Event memory corruption [CVE-2018-11868]
124203Google Android WMA Roam Synchronization memory corruption [CVE-2018-11863]
124202Google Android ndp Event memory corruption [CVE-2018-11860]
124201Google Android WMA API out-of-bounds write [CVE-2018-11852]
124200Google Android Linux Kernel out-of-bounds write [CVE-2018-11851]
124199Google Android WMA Response use after free [CVE-2018-11843]
124198Google Android WLAN Driver Free memory corruption
124197Google Android WLAN Driver double free [CVE-2018-11840]
124196Google Android WLAN memory corruption [CVE-2018-11836]
124195Google Android Size Validation input validation [CVE-2018-11832]
124194Google Android WMA Roam Synchronization array index [CVE-2018-11827]
124193Google Android WLAN ext scan memory corruption [CVE-2018-11826]
124192Google Android LUT Config use after free [CVE-2018-11818]
124191Apache Karaf WebConsole improper authentication [CVE-2018-11787]
124190Apache Karaf sshd access control [CVE-2018-11786]
124189Google Android WLAN input validation [CVE-2018-11302]
124188Google Android Debug Log Event integer underflow [CVE-2018-11301]
124187Google Android Thread use after free [CVE-2018-11300]
124186Google Android WLAN FW array index [CVE-2018-11299]
124185Google Android memory corruption [CVE-2018-11298]
124184Google Android WMA NDP Event Handler Function out-of-bounds read
124183Google Android WLAN out-of-bounds write [CVE-2018-11296]
124182Google Android WMA out-of-bounds write [CVE-2018-11295]
124181Google Android WLAN input validation [CVE-2018-11294]
124180Google Android out-of-bounds read [CVE-2018-11293]
124179Google Android Multi-Threading use after free [CVE-2018-11286]
124178Google Android Header Checker use after free [CVE-2018-11281]
124177Google Android NAT Entry Input input validation [CVE-2018-11280]
124176Google Android Linux Kernel out-of-bounds read [CVE-2018-11278]
124175Google Android Linux Kernel double free [CVE-2018-11276]
124174Google Android FastbootLib information disclosure [CVE-2018-11275]
124173Google Android Linux Kernel memory corruption [CVE-2018-11274]
124172Google Android Linux Kernel double free [CVE-2018-11273]
124171Google Android Linux Kernel probe double free
124170Google Android Linux Kernel memcpy memory corruption
124169Cloud Foundry Garden-runC File Attribute access control [CVE-2018-11084]
124168Dell EMC Isilon OneFS/EMC IsilonSD Edge Process input validation
124167Python Software Foundation CPython shutil Module command injection🔒
124166Open-Xchange Webmail Time Tag cross site scripting [CVE-2017-6913]
124165McAfee Application/Change Control CLI command injection [CVE-2017-3912]
124164Google Android Flash out-of-bounds read [CVE-2017-15844]
124163Google Android Keystore LK integer overflow [CVE-2017-15828]
124162Google Android gpt Update out-of-bounds read [CVE-2017-15825]
124161Google Android qseecom integer overflow [CVE-2017-15818]
124160Oracle WebCenter Interaction Username information disclosure
124159Oracle WebCenter Interaction Portal Session Cookie httponly 7pk security
124158Oracle WebCenter Interaction Search Service queryd.exe hard-coded credentials
124157Oracle WebCenter Interaction AjaxControl input validation [CVE-2018-16956]
124156Oracle WebCenter Interaction login Reflected cross site scripting
124155Oracle WebCenter Interaction login redirect
124154Oracle WebCenter Interaction portalpages.dll DisplayResponse Reflected cross site scripting
124153Oracle WebCenter Interaction cross-site request forgery [CVE-2018-16952]
124152Apache Camel Mail Path path traversal [CVE-2018-8041]
124151HTML Package parse.go inBodyIM input validation
124150HTML Package parse.go parseCurrentToken input validation
124149Moodle Boost Theme Reflected cross site scripting🔒
124148Moodle Drag/Drop code injection [CVE-2018-14630]🔒
124147PoDoFo ParseToUnicode information disclosure🔒
124146Cloud Foundry Container Runtime Application Log Credentials credentials management
124145Pivotal Cloud Cache BOSH Deployment Log Password log file
124144Apache SpamAssassin Meta Rule Syntax code injection [CVE-2018-11781]🔒
124143Apache SpamAssassin PDFInfo Plugin code injection [CVE-2018-11780]🔒
124142Pivotal Application Service Applications Manager credentials management
124141Pivotal Application Service Usage Service credentials management
124140Foscam C1 Indoor HD Camera Service Port 10001 information disclosure
124139Foscam C1 Indoor HD Camera Recovery Procedure access control
124138Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2857]
124137Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2856]
124136Foscam C1 Indoor HD Camera DDNS Client memory corruption [CVE-2017-2854]
124135Iceni Argus ipStringCreate integer overflow
124134Apache SpamAssassin Scan Engine Parser input validation🔒
124133Insteon Hub HTTP Server information disclosure [CVE-2017-14443]
124132ProcessMaker Enterprise Core Deserialization deserialization
124131Quizlord Plugin admin.php Stored cross site scripting
124130UltimatePOS products unrestricted upload
124129Jibu Pro Plugin quiz_action.php Stored cross site scripting
124128Prezi Next HTML5 7pk security [CVE-2018-17137]
124127zzcms HTTP Header check.php sql injection
124126PHPMyWind web_config.php code injection
124125PHPMyWind web_config.php code injection
124124PHPMyWind goods_update.php code injection
124123PHPMyWind web_config.php code injection
124122PHPMyWind member.php cross site scripting
124121MetInfo feedback_admin.class.php doexport sql injection
124120MyBB Visual Editor Persistent cross site scripting
124119Asus GT-AC5300 blocking_request.cgi null pointer dereference
124118CScms Install.php code injection
124117CScms Plugins.php path traversal
124116EasyCMS swf uploadify.swf cross site scripting
124115Simple POS Management Panel sql injection [CVE-2018-17110]
124114SBIbuddy App Security Question Response path error [CVE-2018-17108]
124113Tinyftpd ftpproto.c do_mkd memory corruption
124112Microweber save_user cross-site request forgery
124111GetSimple CMS settings.php cross-site request forgery [Disputed]
124110QuickAppsCMS cross-site request forgery [CVE-2018-17102]
124109LibTIFF tiff2bw.c cpTags out-of-bounds write🔒
124108LibTIFF ppm2tiff.c multiply_ms integer overflow🔒
124107Olli Parviainen Soundtouch WavFile.cpp WavFileBase memory corruption🔒
124106Olli Parviainen Soundtouch WavFile.cpp WavFileBase double free🔒
124105Olli Parviainen Soundtouch BPMDetect.cpp BPMDetect input validation🔒
124104mpruett Audio File Library sfconvert run memory corruption🔒
124103mackyle xar archive.c xar_unserialize null pointer dereference
124102mackyle xar util.c xar_get_path null pointer dereference
124101DonLinkage php.php information disclosure
124100DonLinkage temporary.txt information disclosure
124099DonLinkage bazy_adresow.php Stored cross site scripting
124098jhead gpsinfo.c ProcessGpsInfo integer overflow🔒
124097OTCMS share_switch.php cross site scripting
124096OTCMS users.php cross site scripting
124095PHP Apache2 sapi_apache2.c php_handler cross site scripting🔒
124094SeaCMS admin_video.php cross site scripting
124093yiqicms comment.php Stored cross site scripting
124092GPP File memory corruption [CVE-2018-17076]
124091HTML Package Insertion Mode HTMLTreeBuilder.cpp input validation
124090Feed Statistics Plugin redirect [CVE-2018-17074]
124089wernsey bitmap 4-Bit Image null pointer dereference [CVE-2018-17073]
124088JSON++ json.y yyparse out-of-bounds read
124087UNL-CMS cross-site request forgery [CVE-2018-17070]
124086UNL-CMS cross-site request forgery [CVE-2018-17069]
124085D-Link DIR-816 A2 Diagnosis handler command injection
124084D-Link DIR-816 A2 formLogin memory corruption
124083D-Link DIR-816 A2 form2systime.cgi handler command injection
124082D-Link DIR-816 A2 DDNS handler memory corruption
124081D-Link DIR-816 A2 sylogapply handler command injection
124080D-Link DIR-816 A2 NTPSyncWithHost handler command injection
124079BullGuard Safe Browsing Search Result cross site scripting [CVE-2018-17061]
124078tcpdf phar:/ Wrapper deserialization [CVE-2018-17057]
124077LG SuperSign CMS Service Port 9080 reboot input validation
124076jhead gpsinfo.c ProcessGpsInfo input validation🔒
124075LG SuperSign CMS ..%2f information disclosure
124074LG SuperSign CMS File Upload ..%2f unrestricted upload
124073LG SuperSign CMS Captcha improper authentication [CVE-2018-16286]
124072oBike Bicycle Hangzhou Luoping Smart Locker Bluetooth LE access control
124071389-ds-base ns-slapd delete_passwdPolicy double free🔒
124070OPC UA Legacy Stack xml external entity reference [CVE-2018-12585]🔒
124069OPC UA memory corruption [CVE-2018-12086]🔒
124068Pivotal Spring AMQP Hostname Validator information disclosure
124067Dell EMC RSA BSAFE Micro Edition Suite ASN.1 Data out-of-bounds read
124066Synametrics SynaMan Password Storage credentials management [CVE-2018-10814]
124065Synametrics SynaMan Heading Field cross site scripting [CVE-2018-10763]
124064Tor Browser Anonymity information disclosure [CVE-2017-16639]
124063IBM Connections input validation [CVE-2018-1791]
124062IBM WebSphere Application Server TLS information disclosure [CVE-2018-1719]
124061K-Net Cisco Configuration Manager devices.php cross site scripting
124060CQU-LANKERS api.php cross site scripting
124059translate man outputBox.vue cross site scripting
124058CMS MaeloStore cross-site request forgery [CVE-2018-17045]
124057YzmCMS user_config_add.html Stored cross site scripting
124056doc2txt Storage.cpp init memory corruption
124055dbf2txt resource management [CVE-2018-17042]
124054miniCMS cross site scripting [CVE-2018-17039]
124053UCMS Level HAndler editpost.php access control
124052UCMS Installation index.php phpinfo code injection
124051UCMS Installation index.php sql injection
124050UCMS index.php cross site scripting
124049Gogs MIME Type cross site scripting [CVE-2018-17031]
124048BigTree CMS Hook process.php code injection
124047Monstra CMS index.php cross site scripting
124046Monstra CMS index.php cross site scripting
124045Monstra CMS index.php cross site scripting
124044Asus GT-AC5300 start_apply.htm cross-site request forgery
124043Asus GT-AC5300 memory corruption [CVE-2018-17022]
124042Asus GT-AC5300 appGet.cgi cross site scripting
124041Asus GT-AC5300 GET Request input validation [CVE-2018-17020]
124040Bro IRC Protocol Name Command Parser IRC.cc input validation
124039TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17018]
124038TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17017]
124037TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17016]
124036TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17015]
124035TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17014]
124034TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17013]
124033TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17012]
124032TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17011]
124031TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17010]
124030TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17009]
124029TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17008]
124028TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17007]
124027TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17006]
124026TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17005]
124025TP-LINK TL-WR886N/TL-WR886N Services input validation [CVE-2018-17004]
124024Apache Mesos libprocess input validation [CVE-2018-1330]
124023Fuji Electric V-Server Packet memory corruption [CVE-2018-10637]
124022QNAP QTS Music Station command injection [CVE-2018-0718]
124021F5 BIG-IP APM Apmd input validation [CVE-2018-5549]🔒
124020F5 BIG-IP APM Virtual Server vdesk redirect🔒
124019F5 WebSafe Alert Server input validation [CVE-2018-5545]
124018LibTIFF tif_unix.c TIFFmemcmp null pointer dereference
124017NASM preproc.c expand_smacro out-of-bounds write
124016Squash TM Administration Panel Password credentials management
124015Lizard lz5_compress.c LZ5_compress_continue out-of-bounds read
124014IBM Maximo Asset Management Error Message information disclosure
124013HiScout GRC Suite Upload unrestricted upload [CVE-2018-16796]
124012Mgetty faxrec.c fax_notify_mail memory corruption🔒
124011Mgetty faxrec.c fax_notify_mail command injection🔒
124010Mgetty login.c strcpy memory corruption🔒
124009Mgetty scrts.c memory corruption🔒
124008Mgetty faxq-helper.c do_activate command injection🔒
124007F5 BIG-IP APM Portal Access Version information disclosure
124006Adobe ColdFusion File input validation [CVE-2018-15960]🔒
124005Adobe ColdFusion Directory information disclosure [CVE-2018-15962]🔒
124004Adobe ColdFusion Folder 7pk security [CVE-2018-15963]🔒
124003Adobe ColdFusion information disclosure [CVE-2018-15964]🔒
124002Adobe ColdFusion unrestricted upload [CVE-2018-15961]🔒🔒
124001Adobe ColdFusion deserialization [CVE-2018-15959]🔒
124000Adobe ColdFusion deserialization [CVE-2018-15958]🔒
123999Adobe ColdFusion deserialization [CVE-2018-15957]🔒
123998Adobe ColdFusion deserialization [CVE-2018-15965]🔒
123997Adobe Flash Player access control [CVE-2018-15967]🔒
123996Microsoft C SDK for Azure IoT certificate validation [CVE-2018-8479]
123995Microsoft Lync Security Feature input validation [CVE-2018-8474]🔒
123994Microsoft Windows GDI information disclosure [CVE-2018-8422]
123993Microsoft Windows Kernel information disclosure [CVE-2018-8419]🔒
123992Microsoft Data.OData data processing [CVE-2018-8269]
123991NoScript Classic Tor Browser 7pk security [CVE-2018-16983]🔒
123990Open Chinese Convert BinaryDict.cpp NewFromFile out-of-bounds read🔒
123989Huawei G9 Lite/Honor 5A/Honor 6X/Honor 8 Factory Reset Protection 7pk security
123988Huawei Smart Phone input validation [CVE-2018-7923]
123987Huawei Smart Phone input validation [CVE-2018-7922]
123986Huawei B315s-22 information disclosure [CVE-2018-7921]
123985Huawei Smart Phone input validation [CVE-2018-7906]
123984Pulse Secure Client SSL Certificate improper authentication [CVE-2018-7572]
123983FreeBSD ELF Header Parser Kernel Memory input validation🔒
123982ERPNext sql injection [CVE-2018-3885]
123981ERPNext sql injection [CVE-2018-3884]
123980ERPNext sql injection [CVE-2018-3883]
123979ERPNext sql injection [CVE-2018-3882]
123978Intel INTEL-SA-00086 Detection Tool code injection [CVE-2018-3686]
123977Intel Data Center Manager SDK Reference UI access control [CVE-2018-3679]
123976Intel Centrino Wireless N/Centrino Advanced N L2CAP Connection Request ibtfltcoex.sys Blue Screen 7pk security
123975Intel CSME/TXE PTT access control [CVE-2018-3659]
123974Intel CSME AMT resource management [CVE-2018-3658]
123973Intel CSME AMT memory corruption [CVE-2018-3657]
123972Intel CSME Subsystem access control [CVE-2018-3655]
123971Intel Converged Security Power Management Controller access control
123970Intel Active Management Technology TLS Bleichenbacher cryptographic issues
123969IBM Datacap Fastdoc Capture improper authentication [CVE-2018-1773]
123968stb stb_image.h stbi__out_gif_code memory corruption
123967dotCMS index.jsp cross site scripting
123966Monstra CMS Captcha cryptographp.php Header Injection response splitting
123965Monstra CMS Registration cross site scripting [CVE-2018-16978]
123964Monstra CMS exception.php information disclosure
123963gitolite access control [CVE-2018-16976]🔒
123962Elefant CMS Stylesheet stylesheet.php input validation
123961Elefant CMS Filemanager drop.php unrestricted upload
123960Wisetail Learning Ecosystem information disclosure [CVE-2018-16971]
123959Wisetail Learning Ecosystem file information disclosure [CVE-2018-16970]
123958Webroot SecureAnywhere Driver write-what-where condition [CVE-2018-16962]
123957Pluck SVG File cross site scripting [CVE-2018-16729]
123956feindura cross site scripting [CVE-2018-16728]
123955razorCMS Settings Stored cross site scripting
123954razorCMS Settings cross site scripting [CVE-2018-16726]
123953D-Link DIR-600M Dynamic DNS Configuration Page cross site scripting
123952e107 CMS banlist.php sql injection
123951e107 CMS Plupload upload.php unrestricted upload
123950radare2 Signature File flirt.c read_module_referenced_functions memory corruption
123949Avaya IP Office one-X Portal access control [CVE-2018-15610]
123948Lone Wolf Technologies loadingDOCS Permission permission [CVE-2018-15502]
123947SCALANCE X300/X408/X414 Web Interface input validation [CVE-2018-13807]
123946Siemens TD Keypad Designer DLL uncontrolled search path [CVE-2018-13806]
123945Siemens SIMATIC WinCC Service Port TCP 5678 access control [CVE-2018-13799]
123944Zoho ManageEngine Desktop Central Self Service Portal access control🔒
123943Zoho ManageEngine Desktop Central access control [CVE-2018-13411]🔒
123942Intel NUC Kit Firmware input validation [CVE-2018-12176]
123941Intel Distribution for Python access control [CVE-2018-12175]
123940Intel Baseboard Management Controller access control [CVE-2018-12171]
123939Intel Computing Improvement Program File Permission access control
123938Intel IoT Developers Kit Installer access control [CVE-2018-12163]
123937Intel OpenVINO Toolkit Permission access control [CVE-2018-12162]
123936Intel Data Center Migration Center Software DLL injection [CVE-2018-12160]
123935Intel Extreme Tuning Utility memory corruption [CVE-2018-12151]
123934Intel Extreme Tuning Utility Installer memory corruption [CVE-2018-12150]
123933Intel Extreme Tuning Utility memory corruption [CVE-2018-12149]
123932Intel Driver/Support Assistant File Permission access control
123931STMicroelectronics STM32F0 RDP Level 1 race condition [CVE-2017-18347]
123930FreeBSD setrlimit memory corruption
123929FreeBSD Stack Guard memory corruption [CVE-2017-1084]
123928FreeBSD Stack Guard memory corruption [CVE-2017-1083]
123927FreeBSD qsort Algorithm input validation [CVE-2017-1082]
123926VMware Content Locker Data Protection information disclosure
123925AirWatch Agent Data Protection cryptographic issues [CVE-2018-6975]
123924SAP HANA input validation [CVE-2018-2465]
123923SAP WebDynpro Java Stored cross site scripting [CVE-2018-2464]
123922SAP Hybris Commerce Omni Commerce Connect API server-side request forgery
123921SAP NetWeaver BI BEx Web Java Runtime Export Web Service input validation
123920SAP HCM Fiori People Profile improper authorization [CVE-2018-2461]
123919SAP Business One Certificate Validation certificate validation
123918SAP Mobile Platform Offline OData Application 7pk security [CVE-2018-2459]
123917SAP Business One Crystal Report information disclosure [CVE-2018-2458]
123916SAP Adaptive Server Enterprise information disclosure [CVE-2018-2457]
123915SAP Enterprise Financial Services improper authorization [CVE-2018-2455]
123914SAP Enterprise Financial Services Authorization improper authorization
123913SAP NetWeaver AS JAVA Logon Application cross site scripting
123912xunfeng masscan.py cross-site request forgery
123911Inteno DG400 input validation [CVE-2018-16950]
123910OpenAFS RPC resource consumption [CVE-2018-16949]🔒
123909OpenAFS RPC Server information disclosure [CVE-2018-16948]🔒
123908OpenAFS Backup Tape Controller access control [CVE-2018-16947]🔒
123907LG LNB/LND/LNU/LNV Access Control t.report credentials management
123906Rubedo passwd path traversal
123905xunfeng AntiCSRF.py cross-site request forgery [CVE-2018-16832]
123904Smarty Protection Mechanism path traversal [CVE-2018-16831]
123903Subsonic Music Streamer Server Certificate Validator certificate validation
123902Red Hat Gluster Storage Tendrl API session fixiation [CVE-2018-1127]🔒
123901Undertow File Descriptor URLResource.getLastModified resource consumption🔒
123900Dell EMC VPLEX GeoSynchrony VPN Configuration File permission
123899Dell EMC RSA BSAFE Crypto-J/RSA BSAFE SSL-J PKCS #1 Bleichenbacher cryptographic issues
123898Dell EMC RSA BSAFE SSL-J RSA Decryption cryptographic issues
123897Dell EMC RSA BSAFE SSL-J 7pk security [CVE-2018-11068]
123896Openshift Container Platform tetonic-console cross site scripting
123895389 Directory Server ldapsearch input validation [CVE-2018-10935]🔒
123894spice-client LZ Compressed Frame integer overflow [CVE-2018-10893]🔒
123893Linux Kernel KVM Hypervisor access control [CVE-2018-10853]🔒
123892PowerDNS/PowerDNS Recursor TSIG Signature input validation [CVE-2016-7074]🔒🔒
123891PowerDNS/PowerDNS Recursor TSIG Signature input validation [CVE-2016-7073]🔒🔒
123890Ansible Tower PostgreSQL Database access control [CVE-2016-7070]
123889dnsdist Pointer Arithmetic input validation [CVE-2016-7069]🔒🔒
123888PowerDNS/PowerDNS Recursor DNS Server resource consumption [CVE-2016-7068]🔒🔒
123887Red Hat JBoss Enterprise Application Platform CLI auth permission
123886CloudForms API MiqReportResults information disclosure [CVE-2016-7047]
123885Infinispan Java Client deserialization [CVE-2016-0750]
123884Pivotal Cloud Foundry Elastic Runtime information disclosure
123883Microsoft Internet Explorer Security Feature Universal cross site scripting🔒
123882Microsoft Edge AppContainer Sandbox access control [CVE-2018-8469]🔒
123881Microsoft Windows Sandbox access control [CVE-2018-8468]🔒
123880Microsoft Edge AppContainer Sandbox access control [CVE-2018-8463]🔒
123879Microsoft Windows DirectX Graphics access control [CVE-2018-8462]🔒
123878Microsoft Windows Kernel access control [CVE-2018-8455]🔒
123877Microsoft Internet Explorer Scripting Engine memory corruption🔒
123876Microsoft Edge/ChakraCore Scripting Engine information disclosure🔒
123875Microsoft Windows Device Guard Security Feature 7pk security🔒
123874Microsoft Windows Kernel information disclosure [CVE-2018-8446]🔒
123873Microsoft Windows Kernel information disclosure [CVE-2018-8445]🔒
123872Microsoft Windows SMB information disclosure [CVE-2018-8444]🔒
123871Microsoft Windows Kernel information disclosure [CVE-2018-8443]🔒
123870Microsoft Windows Kernel information disclosure [CVE-2018-8442]🔒
123869Microsoft Windows Subsystem for Linux integer overflow [CVE-2018-8441]🔒
123868Microsoft Windows Hyper-V input validation [CVE-2018-8438]🔒
123867Microsoft Windows Hyper-V input validation [CVE-2018-8437]🔒
123866Microsoft Windows Hyper-V input validation [CVE-2018-8436]🔒
123865Microsoft Windows Security Feature 7pk security [CVE-2018-8435]🔒
123864Microsoft Windows Hyper-V information disclosure [CVE-2018-8434]🔒
123863Microsoft Windows Graphics Component information disclosure [CVE-2018-8433]🔒
123862Microsoft SharePoint Enterprise Server access control [CVE-2018-8431]🔒
123861Microsoft Excel information disclosure [CVE-2018-8429]🔒
123860Microsoft SharePoint Enterprise Server access control [CVE-2018-8428]🔒
123859Microsoft SharePoint Enterprise Server cross site scripting [CVE-2018-8426]🔒
123858Microsoft Windows GDI information disclosure [CVE-2018-8424]🔒
123857Microsoft Windows Registry access control [CVE-2018-8410]🔒
123856Microsoft ASP.NET Core/.NET Core System.IO.Pipelines input validation🔒
123855Microsoft Edge Fetch API information disclosure [CVE-2018-8366]🔒
123854Microsoft Windows Subsystem for Linux 7pk security [CVE-2018-8337]🔒
123853Microsoft Windows Kernel Memory information disclosure🔒
123852Microsoft Windows Kernel Driver bowser.sys Memory information disclosure🔒
123851Microsoft Windows ALPC access control [CVE-2018-8440]🔒
123850Microsoft Edge input validation [CVE-2018-8425]🔒
123849Microsoft Windows SMB input validation [CVE-2018-8335]🔒
123848Microsoft Internet Explorer Scripting Engine information disclosure🔒
123847Microsoft Edge/ChakraCore Scripting Engine information disclosure🔒
123846Microsoft Office memory corruption [CVE-2018-8331]🔒
123845Microsoft Internet Explorer memory corruption [CVE-2018-8447]🔒
123844Microsoft Word PDF File access control [CVE-2018-8430]🔒
123843Microsoft Windows JET Database Engine memory corruption [CVE-2018-8393]🔒
123842Microsoft Windows JET Database Engine memory corruption [CVE-2018-8392]🔒
123841Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
123840Microsoft .NET Framework input validation [CVE-2018-8421]🔒
123839Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
123838Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
123837Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
123836Microsoft Edge PDF Reader memory corruption [CVE-2018-8464]🔒
123835Microsoft Edge Scripting Engine memory corruption [CVE-2018-8457]🔒
123834Microsoft Internet Explorer Scripting Engine memory corruption🔒
123833Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
123832Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
123831Microsoft Internet Explorer memory corruption [CVE-2018-8447]🔒
123830Microsoft Windows Hyper-V input validation [CVE-2018-8439]🔒
123829Microsoft ChakraCore Scripting Engine memory corruption [CVE-2018-8391]
123828Microsoft Windows Win32k Graphics access control [CVE-2018-8332]🔒
123827Microsoft Windows Image input validation [CVE-2018-8475]🔒
123826Microsoft Internet Explorer memory corruption [CVE-2018-8461]🔒
123825Microsoft Windows MSXML Parser xml external entity reference🔒
123824Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
123823Microsoft Windows Hyper-V input validation [CVE-2018-0965]🔒
123822Samsung SmartThings Hub STH-ETH-250 Credentials memory corruption
123821Bro Kerberos Protocol Parser main.bro resource management
123820Pektron Passive Keyless Entry/Start DST40 cryptographic issues
123819b3log Solo Site name Stored cross site scripting
123818IBM QRadar command injection [CVE-2018-1571]
123817openstack-neutron access control [CVE-2018-14636]
123816openstack-neutron Linux Bridge ml2 Driver input validation [CVE-2018-14635]
123815OpenStack rabbitmq input validation [CVE-2018-14620]
123814Apache ActiveMQ Client TLS Hostname Verification 7pk security🔒
123813Samsung SmartThings Hub Video-Core Process clips memory corruption
123812Samsung SmartThings Hub Video-Core Process clips memory corruption
123811Artifex Ghostscript Incomplete Fix access control [CVE-2018-16802]🔒
123810PotPlayer PotPlayerMini.exe memory corruption
123809libbson bson-iter.c _bson_iter_next_internal memory corruption🔒
123808FURUNO FELCOM 250/FELCOM 500 permission.xml Credentials credentials management
123807Monstra CMS Privileges credentials management [CVE-2018-16608]
123806FURUNO FELCOM 250/FELCOM 500 Password sm_changepassword.cgi access control
123805Monstra CMS code injection [CVE-2018-15886]
123804Linux Kernel vm Guest connect Kernel Memory race condition🔒
123803Docker Moby Docker Engine certificate validation [CVE-2018-12608]
123802IBM OpenPages GRC Platform Log File information disclosure [CVE-2017-1679]
123801ProcessMaker Enterprise Core sql injection [CVE-2016-9048]
123800Foreman information disclosure [CVE-2016-7078]
123799Foreman Form Helper information disclosure [CVE-2016-7077]
123798OpenShift Enterprise X.509 Certificate Validation certificate validation🔒
123797PowerDNS Authoritative Server Web Server resource consumption🔒🔒
123796CloudForms Permission improper authorization [CVE-2016-7071]
123795Monit cross-site request forgery [CVE-2016-7067]🔒🔒
123794Red Hat JBoss Enterprise Application Platform RBAC information disclosure🔒
123793Drools Workbench path traversal [CVE-2016-7041]
123792Pacemaker IPC Interface improper authorization [CVE-2016-7035]🔒🔒
123791ImageWorsener libimageworsener.a bmpr_read_rle_internal memory corruption
123790ffjpeg ffjpeg.dll input validation [CVE-2018-16781]
123789Complete Responsive CMS Blog Comment cross site scripting [CVE-2018-16780]
123788BlogCMS Comment cross site scripting [CVE-2018-16779]
123787wityCMS Site Name cross site scripting [CVE-2018-16776]
123786Victor CMS Categories cross site scripting [CVE-2018-16775]
123785HongCMS path traversal [CVE-2018-16774]
123784EasyCMS cross site scripting [CVE-2018-16773]
123783Hoosk Navigation Title cross site scripting [CVE-2018-16772]
123782Hoosk Installation config.php code injection
123781WAVM WebAssembly Virtual Machine input validation [CVE-2018-16770]
123780WAVM WebAssembly Virtual Machine libRuntime.so runOnFunction input validation
123779WAVM WebAssembly Virtual Machine end memory corruption
123778WAVM WebAssembly Virtual Machine popAndValidateOperand memory corruption
123777WAVM WebAssembly Virtual Machine unreachable input validation
123776WAVM WebAssembly Virtual Machine else_ memory corruption
123775WAVM WebAssembly Virtual Machine catch_all memory corruption
123774Fuel CMS input validation [CVE-2018-16763]
IDTitleNessusOpenVASSnortSuricataTippingPoint
123773Fuel CMS sql injection [CVE-2018-16762]
123772Eventum redirect [CVE-2018-16761]
123771EasyCMS common.php removeXSS cross site scripting
123770ImageMagick meta.c formatIPTCfromBuffer resource management🔒
123769ImageMagick png.c ReadOneJNGImage null pointer dereference🔒
123768rcfilters Plugin cross site scripting [CVE-2018-16736]
123767Go Ethereum api_tracer.go TraceChain input validation
123766CScms Setting.php cross-site request forgery
123765CScms JSON Data unrestricted upload [CVE-2018-16731]
123764CScms Site name Install.php cross site scripting
123763baijiacms ZeroClipboard.swf cross site scripting
123762baijiacms Blind sql injection [CVE-2018-16724]
123761Absolute CTES Windows Agent Permission permission
123760CremeCRM Stored cross site scripting [CVE-2018-9283]
123759ProtonVPN VPN Client Configuration File os command injection
123758NordVPN Configuration File os command injection [CVE-2018-3952]
123757IBM API Connect server-side request forgery [CVE-2018-1789]
123756IBM Security Identity Governance/Intelligence IGI information disclosure
123755IBM Security Identity Governance/Intelligence Back-End Database sql injection
123754OctoPrint Service Port 8081 information disclosure [CVE-2018-16710]
123753Fuji Xerox ApeosPort-V 5070 PJL Command command injection [CVE-2018-16709]
123752Gleez CMS Profile Page information disclosure [CVE-2018-16704]
123751Gleez CMS Access Control 7pk security [CVE-2018-16703]
123750Contiki-NG AQL lvm.c create_union memory corruption
123749Contiki-NG AQL aql-lexer.c next_string memory corruption
123748Contiki-NG AQL lvm.c lvm_shift_for_operator memory corruption
123747Contiki-NG AQL lvm.c lvm_set_type memory corruption
123746Contiki-NG AQL aql-parser.c parse_relations memory corruption
123745Linux Kernel cdrom.c cdrom_ioctl_drive_status Kernel Memory information disclosure🔒
123744Kamailio SIP Message crcitt_string_array input validation🔒
123743Gxlcms ThinkException.tpl.php cross site scripting [CVE-2018-16655]
123742Zurmo cross site scripting [CVE-2018-16654]
123741rejucms cms_user_add.php cross site scripting
123740phpMyFAQ Admin Backend injection [CVE-2018-16651]
123739phpMyFAQ cross-site request forgery [CVE-2018-16650]
123738ps Package os command injection [CVE-2018-16460]
123737PHP Scripts Mall Olx Clone input validation [CVE-2018-16454]
123736mndpsingh287 File Manager Plugin cross site scripting [CVE-2018-16363]
123735Endress+Hauser WirelessHART Fieldgate SWG70 wgsetcgi path traversal
123734IBM WebSphere Application Server SOAP Connector deserialization
123733simplelottery PayWinner weak prng
123732KONE Group Controller HTTP interfaces access control [CVE-2018-15486]
123731KONE Group Controller ftp improper authentication [CVE-2018-15485]
123730KONE Group Controller HTTP interfaces os command injection [CVE-2018-15484]
123729KONE Group Controller HTTP interfaces input validation [CVE-2018-15483]
123728DokuWiki CSV Export admin.php input validation [Disputed]
123727Creme CRM Cancel Button redirect [CVE-2018-14398]
123726Creme CRM Organization Creation Page Stored cross site scripting
123725Creme CRM Salesman Creation Page Stored cross site scripting
123724Solarwinds DameWare Mini Remote Control memory corruption [CVE-2018-12897]
123723I-O DATA TS-WRLP/TS-WRLA hard-coded credentials [CVE-2018-0663]
123722I-O DATA TS-WRLP/TS-WRLA access control [CVE-2018-0662]
123721I-O DATA TS-WRLP/TS-WRLA Access Restriction access control [CVE-2018-0661]
123720AttacheCase ATC File path traversal [CVE-2018-0660]
123719AttacheCase ATC File path traversal [CVE-2018-0659]
123718EC-CUBE Payment Module/GMO-PG Payment Module input validation
123717EC-CUBE Payment Module/GMO-PG Payment Module cross site scripting
123716GROWI Admin Page cross site scripting [CVE-2018-0655]
123715GROWI Wiki Page cross site scripting [CVE-2018-0654]
123714GROWI Wiki Page cross site scripting [CVE-2018-0653]
123713GROWI Admin Page cross site scripting [CVE-2018-0652]
123712Line Music X.509 Certificate certificate validation [CVE-2018-0650]
123711Canon IT Solutions ESET Smart Security Premium DLL Loader untrusted search path
123710ChatWork Desktop App DLL Loader untrusted search path [CVE-2018-0648]
123709WL-330NUL cross-site request forgery [CVE-2018-0647]
123708MTAppjQuery unrestricted upload [CVE-2018-0645]
123707Ubuntu Orca memory corruption [CVE-2018-0644]
123706Ubuntu Orca os command injection [CVE-2018-0643]
123705FV Flowplayer Video Player cross site scripting [CVE-2018-0642]
123704Yayoi Kaikei ykkapi.dll untrusted search path [CVE-2018-0624]
123703Yayoi Kaikei msjet49.dll untrusted search path [CVE-2018-0623]
123702Antenna House DMC HTMLFilter Txo memory corruption [CVE-2017-2795]
123701Antenna House DMC HTMLFilter iBldDirInfo memory corruption [CVE-2017-2792]
123700Homeputer CL Studio fur HomeMatic credentials management [CVE-2017-17691]
123699IBM Campaign injection [CVE-2017-1115]
123698IBM Campaign Web UI cross site scripting [CVE-2017-1114]
123697Information Builders WebFOCUS Business Intelligence command injection
123696Joyent SmartOS Hyprlofs File System resource consumption [CVE-2016-9040]
123695Pulse Secure Pulse Connect Secure/Pulse Policy Secure login.cgi input validation
123694Linux Kernel IP Fragment Reassembly input validation [CVE-2018-5391]🔒
123693Internet Key Exchange cryptographic issues [CVE-2018-5389]
123692Adobe Experience Manager cross site scripting [CVE-2018-5005]
123691Artifex MuPDF buffer.c fz_append_byte array index🔒
123690Artifex MuPDF pdf-xref.c pdf_get_xref_entry memory corruption🔒
123689Poppler Parser.cc getObj resource consumption🔒
123688ImageMagick bmp.c ReadBMPImage resource management🔒
123687ImageMagick dcm.c ReadDCMImage input validation🔒
123686ImageMagick dcm.c fputc input validation🔒
123685ImageMagick cut.c InsertRow out-of-bounds write🔒
123684ImageMagick tiff.c TIFFWritePhotoshopLayers resource management🔒
123683ImageMagick png.c ReadOneJNGImage resource management🔒
123682DoraCMS addOne cross site scripting
123681FURUNO FELCOM 250/FELCOM 500 Javascript improper authentication
123680NASM labels.c null pointer dereference
123679Technicolor TG588V V2 7pk security [CVE-2018-16310]
123678UserPro Plugin admin-ajax.php cross site scripting
123677Pulse Secure Desktop Client Dynamic Certificate Trust access control
123676Pulse Secure Secure Desktop access control [CVE-2018-15865]
123675Pulse Secure Secure Desktop format string [CVE-2018-15749]
123674Pulse Secure Secure Desktop access control [CVE-2018-15726]
123673Pulse Secure Pulse Connect Secure/Pulse Policy Secure download.cgi redirect
123672Adrenalin GeneralInfo.aspx Reflected cross site scripting
123671okular document.cpp unpackDocumentArchive path traversal🔒
123670sympa Reflected redirect [CVE-2018-1000671]🔒
123669Koha Library System cross site scripting [CVE-2018-1000670]
123668Koha Library System paycollect.pl cross-site request forgery
123667Ice Qube Thermal Management Center Password Storage credentials management
123666Ice Qube Thermal Management Center improper authentication [CVE-2017-14026]
123665IBM WebSphere Application Server Form Login access control [CVE-2018-1695]
123664ProConf information disclosure [CVE-2018-16606]
123663Nibbleblog code injection [CVE-2018-16604]
123662Artifex Ghostscript Postscript Command memory corruption [CVE-2018-16585]🔒
123661exceljs Cell Value cross site scripting [CVE-2018-16459]
123660Openshift Container Platform API Service out-of-bounds write🔒
123659389-ds-base Log File log__error_emergency input validation🔒
123658Google Android Radio array index [CVE-2018-11263]
123657zephyr-rtos Kernel API sys_ring_buf_put null pointer dereference
123656WordPress Thumbnail input validation [CVE-2018-1000773]
123655Jsish jsiObj.c jsi_ObjArrayLookup out-of-bounds read
123654NASM nasm.c depend_ptr) memory corruption
123653GIG NV JumpScale Portal 7 os command injection [CVE-2018-1000666]
123652Dojo Objective Harness unit.html cross site scripting
123651daneren2005 DSub for Subsonic Server Certificate certificate validation
123650Jsish jsiEval.c _jsi_evalcode memory corruption
123649Jsish jsiUtils.c null pointer dereference
123648TOCK Permission tbfheader.rs permission
123647LimeSurvey File Upload path traversal [CVE-2018-1000659]
123646LimeSurvey File Upload unrestricted upload [CVE-2018-1000658]
123645WordPress Thumbnail input validation [CVE-2017-1000600]
123644Fortinet FortiOS RSA PKCS #1 v1.5 cryptographic issues [CVE-2018-9194]
123643Fortinet FortiOS RSA PKCS #1 cryptographic issues [CVE-2018-9192]
123642MicroPyramid Django-CRM cross-site request forgery [CVE-2018-16552]
123641LavaLite edit cross site scripting
123640TeamViewer Protection Mechanism credentials management [CVE-2018-16550]
123639Hscripts PHP File Browser Script index.php path traversal
123638ZZIPlib zip.c __zzip_parse_root_directory resource management
123637Monstra Networked Device SSL Private Key cryptographic issues
123636Kaizen Asset Manager/Training Manager isxdl.dll access control
123635Artifex Ghostscript gsgetresolution memory corruption🔒
123634Artifex Ghostscript Error 7pk error [CVE-2018-16542]🔒
123633Artifex Ghostscript PostScript File use after free [CVE-2018-16541]🔒
123632Artifex Ghostscript PDF14 Converter use after free [CVE-2018-16540]🔒
123631Artifex Ghostscript PostScript File information disclosure [CVE-2018-16539]🔒
123630HTML Form Entry xml external entity reference [CVE-2018-16521]
123629Prim'X Zed! FREE/Zed! Limited Edition Startup path traversal
123628Flask-Admin URL helpers.py Reflected cross site scripting
123627Artifex Ghostscript Interpreter setcolor type conversion🔒
123626Gxlcms path traversal [CVE-2018-16437]
123625Gxlcms sql injection [CVE-2018-16436]
123624e107 CMS cross site scripting [CVE-2018-16381]🔒
123623Btiteam XBTIT news.php cross site scripting
123622Xiaomi MIWiFi Xiaomi_55DD External information disclosure [CVE-2018-16307]
123621FsPro Labs Event Log Explorer elx File xml external entity reference
123620Opsview Monitor REST Endpoint rest cross site scripting
123619Opsview Monitor router cross site scripting
123618Opsview Monitor Web Management Console command injection [CVE-2018-16146]
123617Opsview Monitor opsview-reporting-module access control
123616Opsview Monitor command injection [CVE-2018-16144]
123615Jorani Error sql injection [CVE-2018-15918]
123614Jorani Persistent cross site scripting [CVE-2018-15917]
123613Btiteam XBTIT Error Log logs Stored information disclosure
123612Btiteam XBTIT Login Page redirect [CVE-2018-15683]
123611Btiteam XBTIT cross-site request forgery [CVE-2018-15682]
123610Btiteam XBTIT Password Hash credentials management [CVE-2018-15681]
123609Btiteam XBTIT Password Storage MD5 credentials management
123608Btiteam XBTIT search Reflected cross site scripting
123607Btiteam XBTIT Reflected cross site scripting [CVE-2018-15678]
123606Btiteam XBTIT cross site scripting [CVE-2018-15677]
123605Btiteam XBTIT crk_protection.php Evasion 7pk security
123604Vivotek FD8177 eventscript.cgi command injection
123603Vivotek XXXXXX-VVTK-xx06a ONVIF Interface device_service command injection
123602Vivotek FD8177 cross-site request forgery [CVE-2018-14769]
123601cURL NTLM Authentication Code Curl_ntlm_core_mk_nt_hash integer overflow🔒
123600Fortinet FortiManager Interface information disclosure [CVE-2018-1353]🔒
123599NodeJS Tough-Cookie HTTP Cookie input validation [CVE-2016-1000232]🔒🔒
123598Ubiquiti airMAX/airFiber/airGateway/EdgeSwitch XP Web Management Interface path traversal
123597Artifex Ghostscript Interpreter type conversion [CVE-2018-16511]🔒
123596Artifex Ghostscript Interpreter memory corruption [CVE-2018-16510]🔒
123595Artifex Ghostscript access control [CVE-2018-16509]🔒
123594zsh Shebang Line input validation [CVE-2018-13259]🔒
123593zsh Script File input validation [CVE-2018-0502]🔒
123592Huawei Mate 10 Pro Find My Phone 7pk security [CVE-2018-7990]
123591Huawei P10 Permission information disclosure [CVE-2018-7938]
123590Huawei HiRouter-CD20-10 Plugin-In Signature access control [CVE-2018-7937]
123589Huawei Mate 10 Pro Factory Reset Protection 7pk security [CVE-2018-7936]
123588Linux Kernel af_irda.c irda_setsockopt use after free🔒
123587Linux Kernel af_irda.c irda_bind resource management🔒
123586WildFly IIOP OpenJDK Subsystem cryptographic issues [CVE-2018-14627]🔒
123585Google Android Linux Kernel out-of-bounds write [CVE-2018-11262]
123584glusterfs Server RPC Request gfs3_rename_req access control🔒
123583glusterfs Server RPC Request gfs2_create_req input validation🔒
123582glusterfs Server RPC Request gfs3_symlink_req link following🔒
123581glusterfs Server RPC Request gfs3_lookup_req input validation🔒
123580glusterfs Server RPC Request gfs3_mknod_req path traversal🔒
123579GlusterFS fsync resource consumption
123578glusterfs Server mknod input validation🔒
123577GlusterFS FUSE null pointer dereference [CVE-2018-10914]🔒
123576glusterfs Server FUSE information disclosure [CVE-2018-10913]🔒
123575GlusterFS Key Length dic_unserialize Memory deserialization🔒
123574glusterfs Server server-rpc-fopc.c memory corruption🔒
123573glusterfs Server debug io-stats Translator untrusted search path🔒
123572AttacheCase code injection [CVE-2018-0675]
123571AttacheCase code injection [CVE-2018-0674]
123570Movable Type cross site scripting [CVE-2018-0672]
123569NoMachine App Environment Variable input validation [CVE-2018-0664]
123568Digital Paper App Installer untrusted search path [CVE-2018-0656]
123567Explzh path traversal [CVE-2018-0646]
123566baigo CMS cross-site request forgery [CVE-2018-16458]
123565CraftedWeb Reflected cross site scripting [CVE-2018-16450]
123564OneThink cross-site request forgery [CVE-2018-16449]
123563CScms save cross-site request forgery
123562Frog CMS cross-site request forgery [CVE-2018-16447]
123561SeaCMS admin_database.php path traversal
123560SeaCMS admin_topic_vod.php sql injection
123559SeaCMS admin_reslib.php server-side request forgery [CVE-2018-16444]
123558HDF5 H5Lexternal.c H5L_extern_query out-of-bounds read
123557Little CMS cmscgats.c SetData integer overflow🔒
123556BlueCMS sql injection [CVE-2018-16432]
123555YFCMF adminsave.html cross-site request forgery
123554GNU Libextractor zip_extractor.c EXTRACTOR_zip_extract_method out-of-bounds read🔒
123553GNOME glib gmarkup.c g_markup_parse_context_parse out-of-bounds read🔒
123552GNOME glib gmarkup.c g_markup_parse_context_end_parse null pointer dereference🔒
123551OpenSC Response out-of-bounds read [CVE-2018-16427]🔒
123550OpenSC IAS-ECC Card card-iasecc.c resource management🔒
123549OpenSC HSM Card pkcs15-sc-hsm.c sc_pkcs15emu_sc_hsm_init double free🔒
123548OpenSC eGK Card Tool egk-tool.c double free🔒
123547OpenSC sc.c sc_file_set_sec_attr double free🔒
123546OpenSC esteid Card pkcs15-esteid.c sc_pkcs15emu_esteid_init memory corruption🔒
123545OpenSC CAC Card card-cac.c cac_get_serial_nr_from_CUID memory corruption🔒
123544OpenSC ePass 2003 Card card-epass2003.c decrypt_response memory corruption🔒
123543OpenSC Cryptoflex Card cryptoflex-tool.c read_public_key memory corruption🔒
123542OpenSC util.c util_acl_to_str memory corruption🔒
123541Fuel CMS cross-site request forgery [CVE-2018-16416]
123540ImageMagick quantum-private.h ParseImageResourceBlocks memory corruption🔒
123539ImageMagick psd.c ParseImageResourceBlocks memory corruption🔒
123538Vanilla deleteInvitation sql injection
123537Gogs server-side request forgery [CVE-2018-16409]
123536D-Link DIR-846 SetNetworkTomographySettings Request access control
123535Mayan EDMS Tags App cross site scripting [CVE-2018-16407]
123534Mayan EDMS Cabinets App cross site scripting [CVE-2018-16406]
123533Mayan EDMS Appearance App cross site scripting [CVE-2018-16405]
123532elfutils libdw dwarf_getabbrev.c dwarf_getabbrev memory corruption🔒
123531elfutils Decompression elf_end.c double free🔒
123530Twistlock AuthZ Broker Regular Expression 7pk security [CVE-2018-16398]
123529LimeSurvey File Upload unrestricted upload [CVE-2018-16397]
123528OpenSC Gemsafe V1 Smartcard pkcs15-gemsafeV1.c gemsafe_get_cert_len memory corruption🔒
123527OpenSC TCOS Card card-tcos.c tcos_select_file memory corruption🔒
123526OpenSC Muscle Card card-muscle.c muscle_list_files memory corruption🔒
123525Elefant CMS cross-site request forgery [CVE-2018-16387]
123524ThinkPHP index sql injection
123523OWASP ModSecurity Core Rule Set sql injection [CVE-2018-16384]
123522Netwide Assembler regflags.c out-of-bounds read
123521Ogma CMS cross-site request forgery [CVE-2018-16380]
123520Ogma CMS Theme Options cross site scripting [CVE-2018-16379]
123519OpenJPEG t2.c t2_encode_packet out-of-bounds write
123518OpenJPEG pnmtoimage memory corruption
123517Frog CMS Stored cross site scripting [CVE-2018-16374]
123516Frog CMS unrestricted upload [CVE-2018-16373]
123515IdeaCMS Reflected cross site scripting [CVE-2018-16372]
123514PESCMS Team Reflected cross site scripting [CVE-2018-16371]
123513PESCMS Team unrestricted upload [CVE-2018-16370]
123512Foo Labs Xpdf XRef.cc fetch resource management
123511Foo Labs Xpdf SplashXPath.cc strokeAdjust memory corruption
123510OnlineJudge Sandbox tmp access control
123509idreamsoft iCMS cross-site request forgery [CVE-2018-16366]
123508idreamsoft iCMS cross-site request forgery [CVE-2018-16365]
123507Source Integration Plugin repo_manage_page.php cross site scripting
123506Google gVisor Seccomp Sandbox access control [CVE-2018-16359]
123505DotClear Media Manager class.dc.core.php cross site scripting
123504FHCRM read sql injection
123503FHCRM read sql injection
123502WeaselCMS PNG File index.php unrestricted upload
123501WUZHI CMS cross site scripting [CVE-2018-16350]
123500WUZHI CMS cross site scripting [CVE-2018-16349]
123499SeaCMS admin_video.php cross site scripting
123498Gleez CMS resize cross site scripting
123497ChemCMS Settings cross site scripting [CVE-2018-16346]
123496EasyCMS cross-site request forgery [CVE-2018-16345]
123495zzcms path traversal [CVE-2018-16344]
123494SeaCMS main.class.php parseIf code injection
123493ShowDoc New Page cross site scripting [CVE-2018-16342]
123492EmpireCMS cross-site request forgery [CVE-2018-16339]
123491auraCMS cross-site request forgery [CVE-2018-16338]
123490CScms save cross-site request forgery
123489Exiv2 parseTXTChunk memory corruption🔒
123488LibTIFF TIFF File tif_dirread.c ChopUpSingleUncompressedStrip memory corruption🔒
123487Tenda AC9/AC10 doSystemCmd os command injection
123486Tenda AC7/AC9/AC10/AC15/AC18 Web Server memory corruption [CVE-2018-16333]
123485iCMS cross-site request forgery [CVE-2018-16332]
123484DamiCMS cross-site request forgery [CVE-2018-16331]
123483Pandao Editor.md IMG Element cross site scripting [CVE-2018-16330]
123482ImageMagick property.c GetMagickProperty null pointer dereference🔒
123481ImageMagick log.c CheckEventLogging null pointer dereference🔒
123480Subrion CMS Admin Panel Stored cross site scripting
123479GetSimple CMS edit.php cross site scripting
123478Icewarp Server cross site scripting [CVE-2018-16324]
123477ImageMagick XBM File xbm.c ReadXBMImage information disclosure🔒
123476idreamsoft iCMS ZIP File path traversal [CVE-2018-16320]
123475Portainer Team Name Stored cross site scripting
123474Waimai Super CMS cross-site request forgery [CVE-2018-16315]
123473idreamsoft iCMS admincp.php cross-site request forgery
123472Bludit cross site scripting [CVE-2018-16313]
123471Ninja Forms Plugin injection [CVE-2018-16308]
123470PDF-XChange Editor x:xmpmeta Structure xml external entity reference
123469MediaComm Zip-n-Go File memory corruption [CVE-2018-16302]
123468libzypp RPM access control [CVE-2018-7685]🔒
123467NVIDIA GeForce Experience GameStream information disclosure [CVE-2018-6259]
123466NVIDIA GeForce Experience GameStream Installation race condition
123465NVIDIA GeForce Experience GameStream access control [CVE-2018-6257]
123464simplehttpserver Listing path traversal [CVE-2018-3787]
123463miniCMS post.php cross site scripting
123462phpkaiyuancms PhpOpenSourceCMS Api.php ajax_save_draft sql injection
123461Linux Kernel yurex USB Driver yurex.c input validation🔒
123460OPSWAT MetaDefender injection [CVE-2018-16275]
123459Docker HandleRequestAsync deserialization🔒
123458libesedb libesedb_key.c libesedb_key_append_data out-of-bounds read [Disputed]
123457libesedb libesedb_catalog_definition.c libesedb_catalog_definition_read out-of-bounds read [Disputed]
123456libesedb libesedb_page.c libesedb_page_read_tags out-of-bounds read [Disputed]
123455libesedb libesedb_page.c libesedb_page_read_values out-of-bounds read [Disputed]
123454libfsclfs libfsclfs_block.c libfsclfs_block_read out-of-bounds read [Disputed]
123453Dell EMC RSA BSAFE Micro Edition Suite RSA Decryption Bleichenbacher cryptographic issues
123452Dell EMC RSA BSAFE Micro Edition Suite ASN.1 Data resource consumption
123451Dell EMC RSA BSAFE Micro Edition Suite PKCS #12 Data denial of service
123450Dell EMC RSA BSAFE Micro Edition Suite ASN.1 Data integer overflow
123449Micro Focus Hybrid Cloud Management Containerized Suite code injection
123448Micro Focus Hybrid Cloud Management Containerized Suite code injection
123447DamiCMS Session credentials management [CVE-2018-16239]
123446DamiCMS form-data input validation
123445DamiCMS admin.php path traversal
123444cPanel HTML Rendering index.html cross site scripting
123443MorningStar WhatWeb JSON Report File cross site scripting [CVE-2018-16234]
123442miniCMS post-edit.php cross site scripting
123441Michael Roth Software Personal FTP Server FTP Command input validation
123440Gift Vouchers Plugin admin-ajax.php sql injection
123439Eaton Power Xpert Meter 8000 SSH key management [CVE-2018-16158]
123438Waimai Super CMS injection [CVE-2018-16157]
123437PHPOK login_control.php ok_f Reflected cross site scripting
123436ThinkCMF ProfileController.class.php do_avatar path traversal
123435fig2dev fig File read.c get_line Underflow memory corruption🔒
123434Lightbend Akka HTTP decodeRequestWith resource consumption
123433Wireshark Bluetooth AVDTP Dissector packet-btavdtp.c injection🔒
123432Wireshark Radiotap Dissector packet-ieee80211-radiotap-iter.c injection🔒
123431Wireshark Attribute Protocol Dissector packet-btatt.c injection🔒
123430Argus Surveillance DVR WEBACCOUNT.CGI path traversal
123429CA Release Automation deserialization [CVE-2018-15691]
123428myStrom WiFi Switch Device Registration access control [CVE-2018-15480]
123427myStrom WiFi Switch Cloud improper authentication [CVE-2018-15479]
123426myStrom WiFi Switch access control [CVE-2018-15478]
123425myStrom WiFi Switch V1 Cloud os command injection [CVE-2018-15477]
123424myStrom WiFi Switch Server Certificate Validator certificate validation
123423Trend Micro OfficeScan XG Named Pipe information disclosure [CVE-2018-15364]
123422Trend Micro Security 2018 out-of-bounds read [CVE-2018-15363]
123421Epson WF-2750 Update origin validation [CVE-2018-14903]
123420Epson iPrint App ContentProvider information disclosure [CVE-2018-14902]
123419Epson iPrint App API key management [CVE-2018-14901]
123418Epson WF-2750 Print Job path error [CVE-2018-14900]
123417Epson WF-2750 Web Interface AirPrint Setup cross site scripting
123416libtirpc File Descriptors makefd_xprt file descriptor consumption🔒
123415libtirpc File Descriptors resource consumption [CVE-2018-14621]🔒
123414Linux Kernel Crypto Subsystem input validation [CVE-2018-14619]🔒
123413Foxit Reader type conversion [CVE-2018-14317]
123412CA PPM XML Data xml external entity reference [CVE-2018-13826]
123411CA PPM gridExcelExport Reflected cross site scripting
123410CA PPM sql injection [CVE-2018-13824]
123409CA PPM XML Data xml external entity reference [CVE-2018-13823]
123408CA PPM Credential information disclosure [CVE-2018-13822]
123407CA Unified Infrastructure Management improper authentication🔒
123406CA Unified Infrastructure Management hard-coded credentials [CVE-2018-13820]🔒
123405CA Unified Infrastructure Management Secret Key hard-coded credentials🔒
123404Xovis PC2/PC2R/PC3 path traversal [CVE-2018-11720]
123403Xovis PC2/PC2R/PC3 XML Data xml external entity reference [CVE-2018-11719]
123402Xovis PC2/PC2R/PC3 cross-site request forgery [CVE-2018-11718]
123401Tencent Foxmail URI command injection [CVE-2018-11616]
123400npm mosca Regular Expression incorrect regex [CVE-2018-11615]
123399postgresql-jdbc SSL Factory certificate validation [CVE-2018-10936]
123398Trend Micro Security 2018 access control [CVE-2018-10514]
123397Trend Micro Security 2018 Deserialize deserialization [CVE-2018-10513]
123396IBM UrbanCode Deploy UCD REST Endpoint improper authorization
123395IBM OpenPages GRC Platform session expiration [CVE-2016-0234]
123394IBM Cloud Orchestrator User information disclosure [CVE-2016-0205]
123393Apache Traffic Server ESI Plugin access control [CVE-2018-8040]🔒
123392Apache Traffic Server TLS Handshake input validation [CVE-2018-8022]
123391Apache Traffic Server Range Request Performance resource management🔒
123390Apache Traffic Server HTTP Smuggling request smuggling [CVE-2018-8004]🔒
123389Schneider Electric PowerLogic PM5560 Protocol cross site scripting
123388Schneider Electric Modicon M221 Access Control access control
123387Schneider Electric Modicon M221 Password Change access control
123386Schneider Electric Modicon M221 information management [CVE-2018-7790]
123385Schneider Electric Modicon M221 unusual condition [CVE-2018-7789]
123384Orbic Wonder RC555L/Wonder RC555 SD Card Log log file [CVE-2018-6599]
123383Orbic Wonder RC555L/Wonder RC555 Factory Reset access control
123382Alcatel A30 adb access control [CVE-2018-6597]
123381Adobe Creative Cloud Desktop Application Installer untrusted search path🔒
123380Cybrotech CyBroHttpServer URI cross site scripting [CVE-2018-16134]
123379Cybrotech CyBroHttpServer URI path traversal [CVE-2018-16133]
123378Open Whisper Signal App Image Renderer resource consumption [CVE-2018-16132]
123377Lightbend Akka Random Number Generator weak prng [CVE-2018-16115]
123376manjaro-system manjaro-update-system.sh access control
123375Technicolor TC8305C 7pk security [CVE-2018-15907]
123374QEMU seccomp Policy qemu-seccomp.c security check for standard🔒
123373Grafana Remember Me Cookie improper authentication [CVE-2018-15727]🔒
123372CMS ISWEB index.php cross site scripting
123371ABB eSOMS LDAP web.config improper authentication
123370Vivotek FD8/FD9/FE9/IB8/IB9/IP9/IZ9/MS9/SD9 command injection
123369Apache Traffic Server ACL remap.config input validation🔒
123368Adobe Creative Cloud Desktop Application Certificate Validation certificate validation🔒
123367Adobe Flash Player access control [CVE-2018-12828]🔒
123366Adobe Flash Player out-of-bounds read [CVE-2018-12827]🔒
123365Adobe Flash Player out-of-bounds read [CVE-2018-12826]🔒
123364Adobe Flash Player 7pk security [CVE-2018-12825]🔒
123363Adobe Flash Player out-of-bounds read [CVE-2018-12824]🔒
123362Adobe Acrobat Reader out-of-bounds write [CVE-2018-12808]🔒
123361Adobe Experience Manager input validation [CVE-2018-12807]
123360Adobe Experience Manager Reflected cross site scripting [CVE-2018-12806]
123359Adobe Acrobat Reader null pointer dereference [CVE-2018-12799]🔒
123358D-Link DIR-601 POST Request Credentials credentials management
123357Norton Identity Safe Initialization cryptographic issues [CVE-2018-12240]
123356EPiServer DTD Handler.ashx xml external entity reference
123355elfutils libdw dwarf_getaranges.c dwarf_getaranges memory corruption🔒
123354Joomla CMS InputFilter Upload unrestricted upload🔒
123353Joomla CMS ACL 7pk security [CVE-2018-15881]🔒
123352Joomla CMS Profile Page Stored cross site scripting🔒
123351Auth0 auth0-aspnet/auth0-aspnet-owin oAuth 2.0 cross-site request forgery
123350Microsoft Windows Task Scheduler Service printconfig.dll privileges management
123349Infoblox NetMRI index.php Reflected cross site scripting
123348Samsung SmartThings Hub STH-ETH-250 hubCore Process integer underflow
123347Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server memory corruption
123346Samsung SmartThings Hub STH-ETH-250 Video-Core Process request smuggling
123345Samsung SmartThings Hub STH-ETH-250 clips memory corruption
123344IBM Platform Symphony information disclosure [CVE-2018-1705]
123343OpenSSH GSS2 auth-gss2.c Username information disclosure🔒
123342Artifex Ghostscript memory corruption [CVE-2018-15911]🔒
123341e107 CMS usersettings.php cross-site request forgery
123340PHP Scripts Mall Website Seller Script memory corruption [CVE-2018-15897]
123339PHP Scripts Mall Website Seller Script cross site scripting [CVE-2018-15896]
123338Ricoh MP C4504ex adrsSetUserWizard.cgi cross-site request forgery
123337Sentrifugo sql injection [CVE-2018-15873]
123336D-Link DIR-615 HTTP Header memory corruption [CVE-2018-15839]
123335Zoho ManageEngine ADManager Plus Workflow Delegation/Requester Roles cross site scripting
123334Zoho ManageEngine ADManager Plus AD Delegation/Help Desk Technicians injection
123333MyBB RSS Syndication class_feedgeneration.php cross site scripting
123332Export Users to CSV Plugin injection [CVE-2018-15571]
123331Mutiny Monitoring Appliance Admin Interface maintenance.cgi command injection
123330conference-scheduler-cli pickle File pickle.load os command injection
123329pycparser Import yacc.py LRTable privileges management
123328Atlassian JIRA cross site scripting [CVE-2018-13395]
123327Atlassian JIRA Server ProfileLinkUserFormat Email information disclosure🔒
123326Google Chrome Chromecast access control [CVE-2017-15430]🔒
123325Google Chrome V8 WebAssembly JS Universal cross site scripting🔒🔒
123324Google Chrome Omnibox Drag and Drop cross site scripting🔒🔒
123323Google Chrome Omnibox input validation [CVE-2017-15426]🔒🔒
123322Google Chrome Omnibox input validation [CVE-2017-15425]🔒🔒
123321Google Chrome Omnibox input validation [CVE-2017-15424]🔒🔒
123320Google Chrome BoringSSL cryptographic issues [CVE-2017-15423]🔒🔒
123319International Components for Unicode ucnv_UTF8FromUTF8 integer overflow🔒🔒
123318Google Chrome Resource Timing API redirect [CVE-2017-15419]🔒🔒
123317Google Chrome Skia memory corruption [CVE-2017-15418]🔒🔒
123316Google Chrome Skia memory corruption [CVE-2017-15417]🔒🔒
123315Google Chrome Blob API memory corruption [CVE-2017-15416]🔒🔒
123314Google Chrome IPC Serialized input validation🔒🔒
123313Google Chrome WebAssembly type conversion [CVE-2017-15413]🔒🔒
123312Google Chrome libxml2 use after free [CVE-2017-15412]🔒🔒
123311Google Chrome PDFium use after free [CVE-2017-15411]🔒🔒
123310Google Chrome PDFium use after free [CVE-2017-15410]🔒🔒
123309Google Chrome Skia memory corruption [CVE-2017-15409]🔒🔒
123308Google Chrome Omnibox memory corruption [CVE-2017-15408]🔒🔒
123307Google Chrome QUIC Networking Stack out-of-bounds write [CVE-2017-15407]🔒🔒
123306Google Chrome v8 memory corruption [CVE-2017-15406]🔒
123305Google Chrome v8 use after free [CVE-2017-15399]🔒🔒
123304Google Chrome QUIC Networking Stack memory corruption [CVE-2017-15398]🔒🔒
123303International Components for Unicode for C NumberingSystem memory corruption🔒🔒
123302phpMyFAQ CAPTCHA Protection Mechanism 7pk security [CVE-2014-6050]
123301phpMyFAQ Authorization improper authorization [CVE-2014-6049]
123300phpMyFAQ Attachment information disclosure [CVE-2014-6048]
123299phpMyFAQ Permission Check permission [CVE-2014-6047]
123298phpMyFAQ cross-site request forgery [CVE-2014-6046]
123297phpMyFAQ Restore sql injection [CVE-2014-6045]
123296Wordfence Security whois.php cross site scripting
123294Samsung SmartThings Hub STH-ETH-250 hubCore certificate validation
123293Samsung SmartThings Hub STH-ETH-250 hubCore Process neutralization
123292Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123291Samsung SmartThings Hub STH-ETH-250 Video-Core Process clips memory corruption
123290IBM WebSphere Commerce information disclosure [CVE-2018-1644]
123289Artifex Ghostscript PostScript File type conversion [CVE-2018-15910]🔒
123288Artifex Ghostscript PostScript File type conversion [CVE-2018-15909]🔒
123287Artifex Ghostscript PostScript File 7pk security [CVE-2018-15908]🔒
123286A10 ACOS Web Application Firewall SQL Injection sql injection
123285miniCMS post.php cross site scripting
123284idreamsoft iCMS Incomplete Fix spider_tools.class.php server-side request forgery
123283WUZHI CMS index.php sql injection
123282WUZHI CMS copyfrom.php sql injection
123281Asus DSL-N12E_C1 Main_Analysis_Content.asp os command injection
123280Visiology Flipbox Software Suite path traversal [CVE-2018-15810]
123279ASUSTOR Data Master Configuration File cross site scripting [CVE-2018-15699]🔒
123278ASUSTOR Data Master loginimage.cgi Path information disclosure🔒
123277ASUSTOR Data Master .ash_history Path information disclosure🔒
123276ASUSTOR Data Master user.cgi User information disclosure🔒
123275ASUSTOR Data Master wallpaper.cgi path traversal🔒
123274ASUSTOR Data Master Web Server path traversal [CVE-2018-15694]🔒
123273Linux Kernel cipso_ipv4.c cipso_v4_optptr resource management🔒
123272QNAP Photo Station Application cross site scripting [CVE-2018-0715]🔒
123271openstack-cinder ScaleIO Volume information disclosure [CVE-2017-15139]
123270Lansweeper Windows Service input validation [CVE-2015-9264]
123269Up.Time Monitoring Station post2file.php unrestricted upload
123268Umbraco umbracoSettings.Release.config unrestricted upload
123267PoDoFo PdfParser.cpp ReadObjects input validation🔒
123266AspCMS reg.asp addUser input validation
123265Ovation FindMe input validation [CVE-2018-15885]
123264Plainview Activity Monitor Plugin os command injection [CVE-2018-15877]
123263ajax-bootmodal-login Plugin Captcha input validation [CVE-2018-15876]
123262Vanilla Polling input validation [CVE-2018-15833]
123261ZyXEL VMG3312 B10B connectionStatus-hostEntry.cmd Persistent cross site scripting
123260Joomanager Credentials information disclosure [CVE-2017-18345]
123259mod_perl .htaccess code injection [CVE-2011-2767]🔒
123258D-Link DIR-615 UPnP Page cross site scripting [CVE-2018-15875]
123257D-Link DIR-615 Web UI cross site scripting [CVE-2018-15874]
123256libming decompileSingleArgBuiltInFunctionCall memory corruption
123255libming decompileGETVARIABLE memory corruption
123254xkbcommon Parser parser.y null pointer dereference🔒
123253xkbcommon Parser compat.c null pointer dereference🔒
123252xkbcommon Keymap File expr.c LookupModMask null pointer dereference🔒
123251xkbcommon Parser expr.c ExprResolveLhs null pointer dereference🔒
123250xkbcommon Keymap File expr.c ExprResolveLhs null pointer dereference🔒
123249xkbcommon Parser keycodes.c CopyKeyAliasesToKeymap null pointer dereference🔒
123248xkbcommon Keymap File ast-build.c use after free🔒
123247xkbcommon Keymap File parser.c resource management🔒
123246xkbcommon Parser null pointer dereference [CVE-2018-15855]🔒
123245xkbcommon Parser null pointer dereference [CVE-2018-15854]🔒
123244xkbcommon/libxkbcommon Keymap File expr.c resource management🔒
123243Technicolor TC7200.20 7pk security [CVE-2018-15852]
123242Flexo CMS add cross-site request forgery
123241Redaxo CMS cross-site request forgery [CVE-2018-15850]
123240portfolioCMS aboutus.php cross-site request forgery
123239portfolioCMS cross-site request forgery [CVE-2018-15848]
123238puppyCMS Add Page/URL menu.php cross site scripting
123237fledrCMS cross-site request forgery [CVE-2018-15846]
123236Gleez CMS add cross-site request forgery
123235DamiCMS cross-site request forgery [CVE-2018-15844]
123234GetSimple CMS edit.php cross site scripting
123233WolfCMS add cross site scripting
123232egg-scripts Command Line command injection [CVE-2018-3786]
123231Amazon Web Services CLI Image 7pk security [CVE-2018-15869]
123230Couchbase Server Erlang Code code injection [CVE-2018-15728]
123229phpMyAdmin Import cross site scripting [CVE-2018-15605]🔒
123228EasyLogin Pro Encryptor.php decrypt code injection
123227Responsive Filemanager Archive ajax_calls.php path traversal
123226Responsive Filemanager ajax_calls.php path traversal
123225GEAR Product GEARAspiWDM.sys Blue Screen race condition
123224pango libpango memory corruption [CVE-2018-15120]🔒
123223libX11 XListExtensions ListExt.c out-of-bounds write🔒
123222libX11 XListExtensions ListExt.c calculation🔒
123221libX11 XListExtensions ListExt.c input validation🔒
123220Pimcore cross site scripting [CVE-2018-14059]
123219Puppet Enterprise RBAC LDAP information disclosure [CVE-2018-11749]
123218Netwave IP Camera get_status.cgi information disclosure
123217Netwave IP Camera Service Port 8000 RT2870STA.dat information disclosure
123216Moderator Log Notes Plugin Mod Note cross-site request forgery
123215Dell EMC RSA Archer WorkPoint sql injection [CVE-2018-11065]🔒
123214Dell EMC RSA NetWitness Platform/RSA Security Analytics Template access control
123213National Payments of India BHIM SMS Validation hard-coded credentials
123212National Payments of India BHIM Custom Keypad improper authentication
123211National Payments of India BHIM App OTP improper authentication
123210National Payments of India BHIM App Passcode 7pk security [CVE-2017-9818]
123209PLANEX CS-QR20 Android App SystemCommand hard-coded credentials
123208PLANEX CS-QR20 Management Page system_command.asp access control
123207NEC Aterm WG2600HP2 Web Service API negotiate access control
123206PLANEX CS-W50HD Web Authentication .htpasswd hard-coded credentials
123205PLANEX CS-W50HD Web Management UI nasset.cgi command injection
123204D-Link EyeOn Baby Monitor DCS-825L Web Service Framework command injection
123203D-Link EyeOn Baby Monitor DCS-825L UDP Discover Service memory corruption
123202Samsung SmartThings Hub STH-ETH-250 Video-Core Process REST request smuggling
123201Samsung SmartThings Hub STH-ETH-250 Video-Core Process JSON request smuggling
123200IBM WebSphere Application Server Liberty JASPIC information disclosure
123199IBM Security Access Manager Advanced Access Control command injection
123198IBM Maximo Asset Management Back-End Database sql injection [CVE-2018-1699]
123197Apache Sentry access control [CVE-2018-8028]
123196fscrypt pam_fscrypt Module access control [CVE-2018-6558]
123195Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123194Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123193Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123192Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123191Samsung SmartThings Hub STH-ETH-250 Video-Core Process Header Injection response splitting
123190Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123189Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123188Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123187Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123186Samsung SmartThings Hub STH-ETH-250 Credentials JSON sql injection
123185Samsung SmartThings Hub STH-ETH-250 Video Core memory corruption
123184Samsung SmartThings Hub STH-ETH-250 Video Core memory corruption
123183Samsung SmartThings Hub STH-ETH-250 Video Core memory corruption
123182Samsung SmartThings Hub STH-ETH-250 samsungWifiScan memory corruption
123181Samsung SmartThings Hub STH-ETH-250 Video-Core Process memory corruption
123180Samsung SmartThings Hub STH-ETH-250 URL command injection [CVE-2018-3856]
123179Insteon Hub PubNub access control [CVE-2018-3833]
123178Insteon Hub HTTP Server mpfsupload unrestricted upload
123177Jenkins Update Center UpdateCenter.java permission🔒
123176Jenkins Log Computer.java information disclosure🔒
123175Jenkins SecurityRealm.java improper authentication🔒
123174Jenkins CronTab.java resource management🔒
123173Jenkins Login BasicAuthenticationFilter.java resource management🔒
123172Jenkins Domain Name XStream2.java deserialization🔒
123171FFmpeg flvenc.c flv_write_packet input validation🔒
123170AccuPOS access control [CVE-2018-15809]
123169POSIM EVO hard-coded credentials [CVE-2018-15808]
123168POSIM EVO 7pk security [CVE-2018-15807]
123167MapR Converged Data Platform/MapR-XD MapR File System credentials management
123166Dell 2335dn HTML Source Code credentials management [CVE-2018-15748]
123165GitHub Electron WebPreferences 7pk security [CVE-2018-15685]
123164Emerson DeltaV DCS DLL uncontrolled search path [CVE-2018-14797]
123163Emerson DeltaV DCS File access control [CVE-2018-14791]
123162BD Alaris GS/Alaris GH/Alaris CC/Alaris TIVA Terminal Server Serial Port missing authentication
123161MikroTik RouterOS HTTP Server Disconnect memory corruption🔒
123160MikroTik RouterOS HTTP Server resource consumption [CVE-2018-1158]🔒
123159MikroTik RouterOS HTTP Server resource consumption [CVE-2018-1157]🔒
123158MikroTik RouterOS License Upgrade Interface memory corruption🔒
123157Insteon Hub improper authentication [CVE-2017-16348]
123156Insteon Hub 2245-222 PubNub Service memory corruption [CVE-2017-16337]
123155Insteon Hub 2245-222 PubNub Service memory corruption [CVE-2017-14455]
123154Insteon Hub 2245-222 PubNub Service memory corruption [CVE-2017-14453]
123153Insteon Hub PubNub Message memory corruption [CVE-2017-14452]
123152cURL CONNECT Proxy Credentials credentials management
123151Norton Power Eraser/SymDiag DLL Loader uncontrolled search path
123150Norton Utilities DLL Loader code injection [CVE-2018-5235]
123149Philips PageWriter hard-coded credentials [CVE-2018-14801]
123148Philips PageWriter input validation [CVE-2018-14799]
123147Philips IntelliSpace Cardiovascular/Xcelera Unquoted Search Path unquoted search path
123146Philips IntelliSpace Cardiovascular Folder access control [CVE-2018-14787]
123145Apache Struts Namespace input validation [CVE-2018-11776]🔒🔒
123144Apache Cayenne CayenneModeler File Transfer xml external entity reference
123143Samba LDAP Server input validation [CVE-2018-1140]🔒
123142Samba NTLMv1 Authentication credentials management [CVE-2018-1139]🔒
123141Samba Active Directory LDAP Server information disclosure [CVE-2018-10919]🔒
123140Samba Active Directory Domain Controller null pointer dereference🔒
123139Ansible Tower authentication.py cross-site request forgery🔒
123138Samba File Name memory corruption [CVE-2018-10858]🔒
123137GnuTLS Lucky Thirteen cryptographic issues [CVE-2018-10846]🔒
123136GnuTLS HMAC-SHA-384 Lucky Thirteen cryptographic issues🔒
123135GnuTLS HMAC-SHA-256 Lucky Thirteen cryptographic issues🔒
123134Red Hat CloudForms Management Engine Header crlf injection [CVE-2017-7528]
123133Satellite X.509 Certificate certificate validation [CVE-2017-7513]
123132Foreman Katello Plugin Filter access control [CVE-2017-2662]
123131libvirt Drive null pointer dereference [CVE-2017-2635]
123130Red Hat Openstack Enterprise openstack-tripleo-common access control
123129libbpg BPG Encoder null pointer dereference [CVE-2017-2575]
123128Cobbler cobbler-web cross site scripting [CVE-2016-9605]
123127IBM API Connect Hijacking input validation [CVE-2018-1599]
123126Adobe Photoshop CC 2017/Photoshop CC 2018 memory corruption [CVE-2018-12811]🔒
123125Adobe Photoshop CC 2017/Photoshop CC 2018 memory corruption [CVE-2018-12810]🔒
123124Node.js Buffer.alloc memory corruption🔒
123123Belkin Wemo Insight Smart Plug Local Security Protection libUPnPHndlr.so memory corruption
123122Ubuntu Linux base-files package link following [CVE-2018-6557]🔒
123121HDF5 HDF File H5Dchunk.c H5D__chunk_init divide by zero
123120HDF5 HDF File H5Pint.c H5P__get_cb resource consumption
123119Bloop Airmail 3 URL input validation [CVE-2018-15670]
123118Bloop Airmail 3 Frame 7pk security [CVE-2018-15669]
123117Bloop Airmail 3 airmail:/ Scheme Attachment information disclosure
123116Bloop Airmail 3 airmail:/ Scheme access control [CVE-2018-15667]
123115Ola Money App SMS information disclosure [CVE-2018-15661]
123114Ola Money App access control [CVE-2018-15660]
123113ImageMagick Input File resource consumption [CVE-2018-15607]
123112Victor CMS Comment cross site scripting [CVE-2018-15603]
123111Elefant CMS Protection Mechanism drop.php input validation
123110Dropbear svr-auth.c recv_msg_userauth_request User information disclosure🔒
123109Containous Traefik API improper authentication [CVE-2018-15598]🔒
123108Geutebrueck re_porter 16 Service Port 12003 gscsetup.xml Username information disclosure🔒
123107Geutebrueck re_porter 16 Service Port 12005 exec Reflected cross site scripting🔒
123106Java System Solutions SSO Plugin arslogin select_sso Reflected cross site scripting
123105UCOPIA Wireless Appliance Restricted Administration Shell access control
123104DeltaV path traversal [CVE-2018-14795]
123103DeltaV Communication Port memory corruption [CVE-2018-14793]
123102Node.js UCS-2 Encoding Buffer#write out-of-bounds write🔒
123101lldptool memory corruption [CVE-2018-10932]🔒
123100Linux Kernel MIDI Kernel Driver rawmidi.c snd_rawmidi_input_params double free🔒
123099apt GPG Signature signature verification [CVE-2018-0501]🔒
123098Huawei USG2205BSR/USG2220BSR/USG5120BSR/USG5150BSR IPsec IKEv1 input validation
123097Huawei USG2205BSR/USG2220BSR/USG5120BSR/USG5150BSR IPsec IKEv1 input validation
123096Huawei USG2205BSR/USG2220BSR/USG5120BSR/USG5150BSR IPsec IKEv1 Bleichenbacher cryptographic issues
123095Symantec Encryption Management Server resource consumption [CVE-2018-5243]🔒
123094IBM Java Runtime Environment Dump File path traversal [CVE-2018-1656]🔒
123093IBM SDK Java Technology Edition java.math input validation [CVE-2018-1517]🔒
123092Wi2be SMART HP WMT SystemStatusRpm.esp information disclosure
123091Wi2be SMART HP WMT credentials management [CVE-2018-14078]
123090Wi2be SMART HP WMT Backup configfile.cfg injection
123089Open Whisper Signal information disclosure [CVE-2018-14023]
123088Paymorrow Module 7pk security [CVE-2018-14020]
123087IBM Rational Web UI cross site scripting [CVE-2018-1394]
123086Oxid eShop Enterprise Edition Password Reset password recovery
123085Rust Standard Library reserve memory corruption
123084Pallets flask JSON Data input validation [CVE-2018-1000656]🔒
123083Jsish jsiValue.c jsi_ValueCopyMove null pointer dereference
123082GNU Libtasn1 _asn1_expand_object_id resource management
123081zzcms top.php sql injection
123080JabRef XML Parser xml external entity reference [CVE-2018-1000652]
123079Stroom XML Parser xml external entity reference [CVE-2018-1000651]
123078LibreHealthIO lh-ehr Show Groups Popup sql injection [CVE-2018-1000650]
123077LibreHealthIO lh-ehr letter.php access control
123076LibreHealthIO lh-ehr Patient File access control [CVE-2018-1000648]
123075LibreHealthIO lh-ehr Template Import 7pk security [CVE-2018-1000647]
123074LibreHealthIO lh-ehr Template Import unrestricted upload [CVE-2018-1000646]
123073LibreHealthIO lh-ehr Template Import information disclosure [CVE-2018-1000645]
123072Eclipse RDF4j XML Parser xml external entity reference [CVE-2018-1000644]
123071OWASP AntiSamy AntiSamy.scan cross site scripting
123070FlightAirMap Registration Sub Menu Page cross site scripting
123069YesWiki i18n.inc.php code injection
123068OpenCart-Overclocked cross site scripting [CVE-2018-1000640]
123067LatexDraw SVG File xml external entity reference [CVE-2018-1000639]
123066miniCMS page.php cross site scripting
123065zutils zcat memory corruption [CVE-2018-1000637]🔒
123064JerryScript ecma-builtin-typedarray-prototype.c null pointer dereference
123063Open Microscopy Environment OMERO.server information disclosure
123062Open Microscopy Environment OMERO.server User Management access control
123061Open Microscopy Environment OMERO.web Log File Password information disclosure
123060dom4j XML Data xml injection [CVE-2018-1000632]🔒
123059Cobbler XMLRPC API cobbler-api access control🔒
123058Cobbler XMLRPC API cobbler-api cross site scripting🔒
123057Godot Engine deserialization [CVE-2018-1000224]🔒
123056Soundtouch WavFile.cpp readHeaderBlock memory corruption🔒
123055Libgd gdImageBmpPtr double free🔒
123054pkgconf PC File dequote memory corruption
123053OpenEMR fax_view.php cross site scripting
123052OpenEMR fax_view.php cross site scripting
123051Dave Gamble cJSON Library use after free [CVE-2018-1000217]
123050Dave Gamble cJSON Library double free [CVE-2018-1000216]
123049Dave Gamble cJSON Library resource management [CVE-2018-1000215]
123048IBM Rational code injection [CVE-2017-1753]
123047Tridium Niagara AX/Niagra 4 improper authentication [CVE-2017-16748]
123046Tridium Niagara AX/Niagra 4 path traversal [CVE-2017-16744]
123045PostgreSQL Interactive Installer HTTP access control
123044phpwhois Whois Record code injection [CVE-2015-5243]
123043libvirt QEMU Command Line information disclosure [CVE-2015-5160]🔒🔒
123042Pyro PID File link following [CVE-2011-2765]
123041Linux Kernel Indirect Call paravirt.c Spectre 7pk security🔒
123040Reprise License Manager edit_lf_get_data cross site scripting [Disputed]
123039Reprise License Manager Web Interface rlm.exe input validation [Disputed]
123038Linux Kernel RSB bugs.c spectre_v2_select_mitigation Spectre 7pk security🔒
123037Waimai Super CMS editsave Stored cross site scripting
123036My Little Forum cross-site request forgery [CVE-2018-15569]
123035tp5cms delete.html cross-site request forgery
123034CMSUno cross site scripting [CVE-2018-15567]
123033tp5cms index.html cross site scripting
123032daveismyname simple-cms addpage.php cross-site request forgery
123031daveismyname simple-cms cross-site request forgery [CVE-2018-15564]
123030PyCryptodome AESNI.c integer overflow🔒
123029Xiuno BBS Editor Stored cross site scripting
123028Telus Actiontec T2200H fileshare.cmd os command injection
123027FreeBSD IP Fragment Reassembly resource consumption [CVE-2018-6923]🔒
123026Trusted Computing Group Trusted Platform Module S3 Sleep 7pk security
123025F5 BIG-IP APM Client Legacy Logon Mode access control [CVE-2018-5547]
123024F5 BIG-IP APM Client svpn/policyserver access control [CVE-2018-5546]🔒
123023git-dummy-commit command injection [CVE-2018-3785]
123022Cryo deserialization [CVE-2018-3784]
123021flintcms Password Reset access control [CVE-2018-3783]
123020EmbedThis GoAhead/Appweb HTTP POST Request null pointer dereference
123019EmbedThis GoAhead/Appweb HTTP Request null pointer dereference
123018Swoole Unpack deserialization [CVE-2018-15503]
123017libgit2 smart_pkt.c ng_pkt out-of-bounds read🔒
123016Responsive Filemanager upload.php path traversal
123015Dojo Toolkit DataGrid String Injection injection🔒
123014Sentinel License Manager UDP lservnt.exe denial of service
123013Zemana Anti-Logger MyRules2.ini access control
123012Google Android MLT Application access control [CVE-2018-15482]
123011OpenSSH auth2-gss.c information disclosure🔒
123010Xen Linux Netback Driver hash.c xenvif_set_hash_mapping integer overflow🔒
123009Xen oxenstored resource consumption [CVE-2018-15470]🔒
123008Xen ARM Grant Table v2 BUG resource consumption🔒
123007Xen DEBUGCTL MSR access control [CVE-2018-15468]🔒
123006Eltex ESP-200 7pk security [CVE-2018-15360]
123005Eltex ESP-200 sudo Configuration access control [CVE-2018-15359]
123004Eltex ESP-200 input validation [CVE-2018-15358]
123003Eltex ESP-200 Password information disclosure [CVE-2018-15357]
123002Eltex ESP-200 command injection [CVE-2018-15356]
123001Kraftway 24F2XG SSLv2/SSLv3 cryptographic issues [CVE-2018-15355]
123000Kraftway 24F2XG Web Interface memory corruption [CVE-2018-15354]
122999Kraftway 24F2XG Web Interface memory corruption [CVE-2018-15353]
122998Kraftway 24F2XG denial of service [CVE-2018-15352]
122997Kraftway 24F2XG Link link following [CVE-2018-15351]
122996Kraftway 24F2XG access control [CVE-2018-15350]
122995Google Android GNSS Application access control [CVE-2018-14982]
122994Google Android SystemUI access control [CVE-2018-14981]
122993Pimcore REST Web Service API sql injection [CVE-2018-14058]
122992Pimcore cross-site request forgery [CVE-2018-14057]
122991SPICE Message input validation [CVE-2018-10873]🔒
122990IBM Security Access Manager for Enterprise Single Sign-On Authorization Token information disclosure
122989IBM Maximo Asset Management Web UI cross site scripting [CVE-2018-1715]🔒
122988IBM API Connect Developer Portal cross-site request forgery [CVE-2018-1712]
122987Progress Telerik JustAssembly/JustDecompile .NET Object input validation
122986libxml2 XML File resource consumption [CVE-2018-14567]🔒
122985LINE jp.naver.line Passcode improper authentication [CVE-2018-13446] [Disputed]
122984LINE jp.naver.line Runtime improper authentication [CVE-2018-13435] [Disputed]
122983LINE jp.naver.line Protection Mechanism LAContext improper authentication [Disputed]
122982LiteCart vqmods.inc.php unrestricted upload
122981Apache Commons Compress ZipArchiveInputStream resource management🔒
122980ASUSTOR ADM Photo Gallery Application sql injection [CVE-2018-11511]
122979ASUSTOR ADM credentials management [CVE-2018-11509]
122978Palo Alto PAN-OS Management Web Interface input validation [CVE-2018-10140]🔒
122977Palo Alto PAN-OS GlobalProtect cross site scripting [CVE-2018-10139]🔒
122976Red Hat JBoss Core Services Libxml2 out-of-bounds read
122975Red Hat JBoss Core Services Libxml2 resource management
122974ZyXEL ZyWALL USG Internet Key Exchange Feature Bleichenbacher cryptographic issues
122973Clavister cOS Core IKEv1 Bleichenbacher cryptographic issues
122972Microsoft Edge input validation [CVE-2018-8388]🔒
122971Microsoft Exchange Server Profile Data input validation [CVE-2018-8374]🔒
122970TP-LINK WR840N Authorization Header memory corruption [CVE-2018-15172]
122969OpenEMR faxq.php os command injection
122968OpenEMR fax_dispatch.php os command injection
122967OpenEMR sl_eob_search.php os command injection
122966OpenEMR daemon_frame.php os command injection
122965OpenEMR register.php improper authentication
122964OpenEMR find_code_popup.php sql injection
122963OpenEMR de_identification_screen2.php sql injection
122962OpenEMR Anything_simple.php sql injection
122961OpenEMR search_code.php sql injection
122960OpenEMR forms_admin.php sql injection
122959OpenEMR find_immunization_popup.php sql injection
122958Ericsson-LG iPECS NMS 30M path traversal [CVE-2018-15138]
122957Yubico-Piv ykpiv.c _ykpiv_fetch_object` out-of-bounds read🔒
122956Yubico-Piv Error ykpiv.c ykpiv_transfer_data` out-of-bounds write🔒
122955btrfsmaintenance evaluate_auto_mountpoint access control
122954Citrix XenServer path traversal [CVE-2018-14007]🔒
122953All For One maxRandom weak prng
122952Bitcoin Red distributeBTR integer overflow
122951Nasdaq BWise JMX/RMI Interface missing authentication [CVE-2018-11247]
122950Pulp Path Parser access control [CVE-2018-10917]
122949Trend Micro Control Manager DLL access control [CVE-2018-10512]
122948Trend Micro Control Manager server-side request forgery [CVE-2018-10511]
122947Trend Micro Control Manager path traversal [CVE-2018-10510]
122946Intelbras Win 240 access control [CVE-2018-10369]
122945Cisco Web Security Appliance Account Management Subsystem access control🔒
122944Cisco Digital Network Architecture Center CronJob Scheduler API command injection
122943Cisco Email Security Appliance Attachment Detection input validation
122942Cisco ASR 9000 Local Packet Transport Services resource consumption
122941Cisco Small Business 100 Series Wireless Access Point EAPOL 7pk error
122940Cisco Small Business 100 Series Wireless Access Point EAPOL cryptographic issues
122939Cisco AsyncOS/Web Security Appliance Proxy resource consumption🔒
122938Cisco Unified Communications Manager IM XCP Router Service input validation🔒
122937Cisco Unified Communications Domain Manager cross site scripting
122936Cisco Registered Envelope Service Web-based Management Interface cross site scripting
122935DFNDR Security Antivirus/Anti-Hacking / Cleaner hard-coded credentials
122934Live.me - Live Stream Video Chat hard-coded credentials [CVE-2017-13107]
122933Cheetahmobile CM Launcher 3D - Theme/Wallpaper/Secure/Efficient hard-coded credentials
122932Hi Hi Security Virus Cleaner - Antivirus Booster SSL Certificate Validator certificate validation
122931Uber UberEATS: Uber for Food Delivery hard-coded credentials
122930Pinterest hard-coded credentials [CVE-2017-13103]
122929Gameloft Asphalt Xtreme: Offroad Rally Racing hard-coded credentials
122928Musical.ly hard-coded credentials [CVE-2017-13101]
122927DistinctDev Moron Test hard-coded credentials [CVE-2017-13100]
122926VMware Workstation/Fusion e1000 Device out-of-bounds write [CVE-2018-6973]🔒
122925IBM Tivoli Application Dependency Discovery Manager cross-site request forgery
122924Atlassian Confluence Questions acceptAnswer cross-site request forgery
122923Atlassian Confluence Questions convertCommentToAnswer cross-site request forgery
122922HPE OfficeConnect 1810 information disclosure [CVE-2018-7100]
1229213PAR Service Processor information disclosure [CVE-2018-7099]
1229203PAR Service Processor path traversal [CVE-2018-7098]
1229193PAR Service Processor cross-site request forgery [CVE-2018-7097]
1229183PAR Service Processor code [CVE-2018-7096]
1229173PAR Service Processor access control [CVE-2018-7095]
1229163PAR Service Processor information disclosure [CVE-2018-7094]
122915HPE Integrated Lights-Out 3 7pk security [CVE-2018-7093]
122914HPE XP P9000 Command View Advanced Edition Device Manager/Configuration Manager information disclosure
122913Mingw-w64 ASLR ROP 7pk security
122912Sony IPELA E Network Camera G5 802dot1xclientcert.cgi memory corruption
122911Sony IPELA E Network Camera G5 GET Request os command injection
122910Intel CPU Speculative Execution information disclosure [CVE-2018-3646]🔒
122909Intel CPU Speculative Execution information disclosure [CVE-2018-3620]🔒
122908Intel SGX Speculative Execution information disclosure [CVE-2018-3615]🔒
122907SAP HANA Extended Application Services XS Command-Line Interface access control
122906SAP MaxDB Privileges sql injection [CVE-2018-2450]
122905SAP SRM MDM Catalog User Check Relay improper authentication
122904SAP Business Intelligence Admin Tool information disclosure [CVE-2018-2448]
122903SAP Business Intelligence Launchpad Web Intelligence sql injection
122902SAP Business Intelligence Admin Tool information disclosure [CVE-2018-2446]
122901IBM Business Intelligence AdminTools server-side request forgery
122900SAP BusinessObjects Financial Consolidation cross site scripting
122899SAP Business Intelligence BI Launchpad cross-site request forgery
122898SAP Change/Transport System/KERNEL 32/KERNEL 64 input validation
122897Monstra CMS Edit Profile cross site scripting [CVE-2018-14922]
122896Eldenroot Thank You-Like Plugin thankyoulike.php cross site scripting
122895man-cgi path traversal [CVE-2018-14429]
122894GDM D-Bus Interface use after free [CVE-2018-14424]🔒
122893libcgroup cgred information disclosure🔒
122892Eclipse OpenJ9 Java Attach API deserialization [CVE-2018-12539]🔒
122891Eclipse Vert.x HttpServer/HttpClient Header Injection input validation
122890Cisco IOS/IOS XE RSA-encrypted Nonce inadequate encryption [CVE-2018-0131]
122889Apache HTTP Server mod_userdir HTTP Response Splitting crlf injection🔒
122888Microsoft Windows Windows Shell input validation [CVE-2018-8414]🔒
122887Microsoft Office AutoUpdate input validation [CVE-2018-8412]🔒
122886Microsoft Windows DirectX Graphics access control [CVE-2018-8406]🔒
122885Microsoft Windows DirectX Graphics access control [CVE-2018-8405]🔒
122884Microsoft Windows Win32k access control [CVE-2018-8404]🔒
122883Microsoft Windows DirectX Graphics access control [CVE-2018-8401]🔒
122882Microsoft Windows Graphics access control [CVE-2018-8400]🔒
122881Microsoft Windows Win32k access control [CVE-2018-8399]🔒
122880Microsoft Windows GDI information disclosure [CVE-2018-8398]🔒
122879Microsoft Windows information disclosure [CVE-2018-8396]🔒
122878Microsoft Windows GDI information disclosure [CVE-2018-8394]🔒
122877Microsoft Internet Explorer Scripting Engine memory corruption🔒
122876Microsoft Edge input validation [CVE-2018-8383]🔒
122875Microsoft Excel information disclosure [CVE-2018-8382]🔒
122874Microsoft Excel memory corruption [CVE-2018-8379]🔒
122873Microsoft Office information disclosure [CVE-2018-8378]🔒
122872Microsoft SharePoint Enterprise Server information disclosure🔒
122871Microsoft PowerPoint memory corruption [CVE-2018-8376]🔒
122870Microsoft Excel memory corruption [CVE-2018-8375]🔒
122869Microsoft Edge information disclosure [CVE-2018-8370]🔒
122868Microsoft .NET Framework information disclosure [CVE-2018-8360]🔒
122867Microsoft Edge Security Feature 7pk security [CVE-2018-8358]🔒
122866Microsoft Internet Explorer access control [CVE-2018-8357]🔒
122865Microsoft Edge access control [CVE-2018-8357]🔒
122864Microsoft Internet Explorer Scripting Engine memory corruption🔒
122863Microsoft Edge Cross-Frame information disclosure [CVE-2018-8351]🔒
122862Microsoft Internet Explorer Cross-Frame information disclosure🔒
122861Microsoft Windows Microsoft COM for Windows deserialization [CVE-2018-8349]🔒
122860Microsoft Windows Kernel information disclosure [CVE-2018-8348]🔒
122859Microsoft Windows Kernel access control [CVE-2018-8347]🔒
122858Microsoft Windows LNK code injection [CVE-2018-8346]🔒
122857Microsoft Windows NDIS access control [CVE-2018-8343]🔒
122856Microsoft Windows NDIS access control [CVE-2018-8342]🔒
122855Microsoft Windows Kernel information disclosure [CVE-2018-8341]🔒
122854Microsoft Windows Windows Installer access control [CVE-2018-8339]🔒
122853Microsoft Internet Explorer Hyperlink input validation [CVE-2018-8316]🔒
122852Microsoft Windows Cortana access control [CVE-2018-8253]🔒
122851Microsoft Windows Device Guard Code Integrity Policy 7pk security🔒
122850Microsoft Visual Studio Diagnostic Hub access control [CVE-2018-0952]🔒
122849Microsoft Windows Diagnostic Hub access control [CVE-2018-0952]🔒
122848Microsoft Windows Security Feature 2FA 7pk security🔒
122847Microsoft Windows Device Guard Code Integrity Policy 7pk security🔒
122846Microsoft Internet Explorer memory corruption [CVE-2018-8403]🔒
122845Microsoft Edge memory corruption [CVE-2018-8403]🔒
122844Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
122843Microsoft Edge memory corruption [CVE-2018-8387]🔒
122842Microsoft Internet Explorer Scripting Engine memory corruption🔒
122841Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
122840Microsoft Edge memory corruption [CVE-2018-8377]🔒
122839Microsoft Internet Explorer Scripting Engine memory corruption🔒🔒
122838Microsoft Internet Explorer Scripting Engine memory corruption🔒
122837Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
122836Microsoft Internet Explorer Scripting Engine memory corruption🔒
122835Microsoft ChakraCore Scripting Engine memory corruption [CVE-2018-8359]
122834Microsoft Windows LNK code injection [CVE-2018-8345]🔒
122833Microsoft Windows GDI+ memory corruption [CVE-2018-8397]🔒
122832Microsoft ChakraCore Chakra Scripting Engine memory corruption
122831Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
122830Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
122829Microsoft Edge/ChakraCore Scripting Engine memory corruption🔒
122828Microsoft Internet Explorer Scripting Engine memory corruption🔒
122827Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption🔒
122826Microsoft Windows PDF memory corruption [CVE-2018-8350]🔒
122825Microsoft Windows Graphics code injection [CVE-2018-8344]🔒
122824Microsoft Exchange Server Mail memory corruption [CVE-2018-8302]🔒
122823Microsoft SQL Server memory corruption [CVE-2018-8273]🔒
122822Juniper Junos TCP Reassembly input validation [CVE-2018-5390]🔒
122821VMware Horizon Client/Horizon Message Framework Library out-of-bounds read🔒
122820Hikvision IP Camera Web Server memory corruption [CVE-2018-6414]
122819Nextcloud Talk Autocomplete Stored cross site scripting
122818Nextcloud Server Autocomplete Stored cross site scripting🔒
122817OpenEMR add_edit_event_user.php sql injection
122816OpenEMR find_drug_popup.php sql injection
122815OpenEMR find_appt_popup_user.php sql injection
122814OpenEMR Patient Portal import_template.php path traversal
122813OpenEMR Patient Portal import_template.php path traversal
122812OpenEMR Patient Portal import_template.php path traversal
122811OpenEMR File Upload manage_site_files.php unrestricted upload
122810Zipato Zipabox Smart Home Controller information disclosure [CVE-2018-15125]
122809Zipato Zipabox Smart Home Controller Board Rev 1 Hashing Password inadequate encryption
122808Zipato Zipabox Smart Home Controller Board Rev 1 Configuration Storage access control
122807JetBrains dotPeek/ReSharper Ultimate .NET Object deserialization
122806Tiki Link Stored cross site scripting
122805Tiki Link Attribute OutputLink.php cross site scripting
122804Medtronic MMT 508 improper authentication [CVE-2018-14781]
122803Vuze BitTorrent Client XML Parsing Engine xml external entity reference
122802Plex Media Server XML Parsing Engine xml external entity reference🔒
122801valeuraddons German Spelling Dictionary URL Address Bar cross site scripting
122800Apache Spark REST API 7pk security [CVE-2018-11770]
122799Redhat redhat-certification Document Loader resource consumption🔒
122798KeyCloak User Session resource management [CVE-2018-10842]
122797CNCSoft ScreenEditor memory corruption [CVE-2018-10636]
122796Medtronic MMT 508 Communication information disclosure [CVE-2018-10634]
122795CNCSoft ScreenEditor out-of-bounds read [CVE-2018-10598]
122794Edimax EW-7438RPn Mini v2 cross site scripting [CVE-2018-10569]
122793RPM Installation link following [CVE-2017-7500]🔒🔒
122792UrbanCode Deploy UCD Deployment path traversal [CVE-2017-1749]
122791OpenShift Enterprise cluster-read information disclosure [CVE-2017-15138]
122790IBM UrbanCode Deploy Configuration information disclosure [CVE-2017-1286]
122789IBM Rational ClearQuest SSL Certificate Validator certificate validation
122788Atlassian FishEye/Crucible cross site scripting [CVE-2018-13392]
122787QNAP QTS Helpdesk command injection [CVE-2018-0714]
122786Nextcloud Server Input Validator Log log file
122785Nextcloud Server Authentication 2FA 7pk security
122784url-parse Hostname Parser redirect [CVE-2018-3774]
122783ISC BIND named name.c assertion🔒
122782Linux Kernel aoeblk.c aoedisk_debugfs_show debug log file
122781lxc lxc-user-nic path error [CVE-2018-6556]🔒
122780Ubuntu Linux CUPS AppArmor access control [CVE-2018-6553]🔒
122779active-support Gem command injection [CVE-2018-3779]
122778Oracle Database Server Java VM access control [CVE-2018-3110]🔒
122777PHP Scripts Mall hotel-booking-script memory corruption [CVE-2018-15191]
122776PHP Scripts Mall hotel-booking-script cross site scripting [CVE-2018-15190]
122775PHP Scripts Mall advanced-real-estate-script Profile cross site scripting
122774PHP Scripts Mall advanced-real-estate-script Profile memory corruption
122773PHP Scripts Mall advanced-real-estate-script edit-profile.php cross-site request forgery