Export limit exceeded: 341846 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-12365 | 4 Canonical, Debian, Mozilla and 1 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2024-11-21 | N/A |
| A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. | ||||
| CVE-2018-12358 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-11-21 | N/A |
| Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability affects Firefox < 61. | ||||
| CVE-2018-12337 | 1 Ecos | 2 Secure Boot Stick, Secure Boot Stick Firmware | 2024-11-21 | N/A |
| Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation. | ||||
| CVE-2018-12336 | 1 Ecos | 2 Secure Boot Stick, Secure Boot Stick Firmware | 2024-11-21 | N/A |
| Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access. | ||||
| CVE-2018-12329 | 1 Ecos | 2 Secure Boot Stick, Secure Boot Stick Firmware | 2024-11-21 | N/A |
| Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning. | ||||
| CVE-2018-12318 | 1 Asustor | 2 As602t, Data Master | 2024-11-21 | N/A |
| Information disclosure in the SNMP settings page in ASUSTOR ADM version 3.1.1 allows attackers to obtain the SNMP password in cleartext. | ||||
| CVE-2018-12308 | 1 Asustor | 2 As602t, Data Master | 2024-11-21 | N/A |
| Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encrypt_key" URL parameter. | ||||
| CVE-2018-12301 | 1 Seagate | 1 Nas Os | 2024-11-21 | N/A |
| Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost. | ||||
| CVE-2018-12270 | 1 Valvesoftware | 1 Steam Client | 2024-11-21 | N/A |
| In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites. | ||||
| CVE-2018-12227 | 2 Debian, Digium | 3 Debian Linux, Asterisk, Certified Asterisk | 2024-11-21 | N/A |
| An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 forbidden. However, if an endpoint is not identified, then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot be bypassed to gain access to the disclosed endpoints. | ||||
| CVE-2018-12224 | 2 Intel, Microsoft | 2 Graphics Driver, Windows | 2024-11-21 | N/A |
| Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2018-12222 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an out of bound memory read via local access. | ||||
| CVE-2018-12221 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access. | ||||
| CVE-2018-12219 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to read memory via local access via local access. | ||||
| CVE-2018-12216 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access via local access. | ||||
| CVE-2018-12215 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access. | ||||
| CVE-2018-12211 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient input validation in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access. | ||||
| CVE-2018-12207 | 8 Canonical, Debian, F5 and 5 more | 1541 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 1538 more | 2024-11-21 | 6.5 Medium |
| Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | ||||
| CVE-2018-12198 | 1 Intel | 1 Server Platform Services Firmware | 2024-11-21 | N/A |
| Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access. | ||||
| CVE-2018-12196 | 1 Intel | 1 Converged Security Management Engine Firmware | 2024-11-21 | N/A |
| Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access. | ||||