Export limit exceeded: 361701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361701 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-6651 | 2 Parsecgaming, Uncurl Project | 2 Parsec, Uncurl | 2024-11-21 | N/A |
| In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation (accepting an arbitrary substring match) for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full control over the victim's computer. | ||||
| CVE-2018-6644 | 1 Sblim Project | 1 Small Footprint Cim Broker | 2024-11-21 | N/A |
| SBLIM Small Footprint CIM Broker (SFCB) 1.4.9 has a null pointer (DoS) vulnerability via a crafted POST request to the /cimom URI. | ||||
| CVE-2018-6643 | 1 Infoblox | 1 Netmri | 2024-11-21 | N/A |
| Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. | ||||
| CVE-2018-6641 | 1 Wiris | 1 Mathtype | 2024-11-21 | 9.8 Critical |
| An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This is fixed in 6.9d. | ||||
| CVE-2018-6640 | 1 Wiris | 1 Mathtype | 2024-11-21 | 9.8 Critical |
| A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can modify the next pointer of a linked list. This is fixed in 6.9d. | ||||
| CVE-2018-6639 | 1 Wiris | 1 Mathtype | 2024-11-21 | 9.8 Critical |
| An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d. | ||||
| CVE-2018-6638 | 1 Wiris | 1 Mathtype | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d. | ||||
| CVE-2018-6635 | 1 Avaya | 1 Aura | 2024-11-21 | N/A |
| System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896. | ||||
| CVE-2018-6634 | 3 Canonical, Microsoft, Parsecgaming | 3 Ubuntu Linux, Windows, Parsec | 2024-11-21 | N/A |
| A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account. | ||||
| CVE-2018-6633 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000038. | ||||
| CVE-2018-6632 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000110. | ||||
| CVE-2018-6631 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110009.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000170. | ||||
| CVE-2018-6630 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000014c. | ||||
| CVE-2018-6629 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000118. | ||||
| CVE-2018-6628 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000010c. | ||||
| CVE-2018-6627 | 1 Watchdogdevelopment | 1 Anti-malware | 2024-11-21 | N/A |
| In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054. | ||||
| CVE-2018-6626 | 1 Micropoint | 1 Proactive Defense | 2024-11-21 | N/A |
| In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000035. | ||||
| CVE-2018-6625 | 1 Watchdogdevelopment | 1 Anti-malware | 2024-11-21 | N/A |
| In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010. | ||||
| CVE-2018-6624 | 1 Omron | 7 Ns10, Ns12, Ns15 and 4 more | 2024-11-21 | N/A |
| OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html. | ||||
| CVE-2018-6623 | 1 Hola | 1 Vpn | 2024-11-21 | N/A |
| An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists because of the SERVICE_ALL_ACCESS access right for the hola_svc and hola_updater services. | ||||