CVE List - 2018 / November
Showing 501 - 600 of 983 CVEs for November 2018 (Page 6 of 10)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-15711 | 2018-11-14 | Nagios XI 5.5.6 allows remote authenticated attackers to reset and... |
| CVE-2018-15712 | 2018-11-14 | Nagios XI 5.5.6 allows reflected cross site scripting from remote... |
| CVE-2018-15713 | 2018-11-14 | Nagios XI 5.5.6 allows persistent cross site scripting from remote... |
| CVE-2018-15714 | 2018-11-14 | Nagios XI 5.5.6 allows reflected cross site scripting from remote... |
| CVE-2018-5495 | 2018-11-14 | All StorageGRID Webscale versions are susceptible to a vulnerability which... |
| CVE-2018-17960 | 2018-11-14 | CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode... |
| CVE-2018-19280 | 2018-11-14 | Centreon 3.4.x (fixed in Centreon 18.10.0) has XSS via the... |
| CVE-2018-19281 | 2018-11-14 | Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.27)... |
| CVE-2018-19278 | 2018-11-14 | Buffer overflow in DNS SRV and NAPTR lookups in Digium... |
| CVE-2018-19279 | 2018-11-14 | PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext... |
| CVE-2015-9274 | 2018-11-15 | HarfBuzz before 1.0.4 allows remote attackers to cause a denial... |
| CVE-2018-19286 | 2018-11-15 | The server in mubu note 2018-11-11 has XSS by configuring... |
| CVE-2018-19287 | 2018-11-15 | XSS in the Ninja Forms plugin before 3.3.18 for WordPress... |
| CVE-2018-19288 | 2018-11-15 | Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via... |
| CVE-2018-19289 | 2018-11-15 | An issue was discovered in Valine v1.3.3. It allows HTML... |
| CVE-2018-19291 | 2018-11-15 | An issue was discovered in DiliCMS 2.4.0. There is a... |
| CVE-2018-12480 | 2018-11-15 | NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3 |
| CVE-2018-0673 | 2018-11-15 | Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows... |
| CVE-2018-0679 | 2018-11-15 | Cross-site scripting vulnerability in multiple FXC Inc. network devices (Managed... |
| CVE-2018-0680 | 2018-11-15 | Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and... |
| CVE-2018-0681 | 2018-11-15 | Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and... |
| CVE-2018-0682 | 2018-11-15 | Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and... |
| CVE-2018-0683 | 2018-11-15 | Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version... |
| CVE-2018-0684 | 2018-11-15 | Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version... |
| CVE-2018-0685 | 2018-11-15 | SQL injection vulnerability in the Denbun POP version V3.3P R4.0... |
| CVE-2018-0686 | 2018-11-15 | Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and... |
| CVE-2018-0687 | 2018-11-15 | Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP... |
| CVE-2018-0690 | 2018-11-15 | An unvalidated software update vulnerability in Music Center for PC... |
| CVE-2018-0691 | 2018-11-15 | Multiple +Message Apps (Softbank +Message App for Android prior to... |
| CVE-2018-0692 | 2018-11-15 | Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and... |
| CVE-2018-0693 | 2018-11-15 | Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote... |
| CVE-2018-0694 | 2018-11-15 | FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary... |
| CVE-2018-0695 | 2018-11-15 | Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and... |
| CVE-2018-0697 | 2018-11-15 | Cross-site scripting vulnerability in Metabase version 0.29.3 and earlier allows... |
| CVE-2018-0699 | 2018-11-15 | Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier allows remote... |
| CVE-2018-0700 | 2018-11-15 | YukiWiki 2.1.3 and earlier does not process a particular request... |
| CVE-2018-0701 | 2018-11-15 | BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to... |
| CVE-2018-12543 | 2018-11-15 | In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a... |
| CVE-2018-16160 | 2018-11-15 | SecureCore Standard Edition Version 2.x allows an attacker to bypass... |
| CVE-2018-16161 | 2018-11-15 | OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative... |
| CVE-2018-16162 | 2018-11-15 | OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other... |
| CVE-2018-16163 | 2018-11-15 | OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass authentication... |
| CVE-2018-1643 | 2018-11-15 | The Installation Verification Tool of IBM WebSphere Application Server 7.0,... |
| CVE-2018-8529 | 2018-11-15 | A remote code execution vulnerability exists when Team Foundation Server... |
| CVE-2018-14934 | 2018-11-15 | The Bluetooth subsystem on Polycom Trio devices with software before... |
| CVE-2018-14935 | 2018-11-15 | The Web administration console on Polycom Trio devices with software... |
| CVE-2018-16619 | 2018-11-15 | Sonatype Nexus Repository Manager before 3.14 allows XSS. |
| CVE-2018-16620 | 2018-11-15 | Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control. |
| CVE-2018-16621 | 2018-11-15 | Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language... |
| CVE-2018-18954 | 2018-11-15 | The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows... |
| CVE-2018-5407 | 2018-11-15 | Simultaneous Multi-threading (SMT) in processors can enable local users to... |
| CVE-2018-19301 | 2018-11-15 | tp4a TELEPORT 3.1.0 allows XSS via the login page because... |
| CVE-2018-19296 | 2018-11-16 | PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to... |
| CVE-2018-9071 | 2018-11-16 | CMM Security Vulnerability |
| CVE-2018-9073 | 2018-11-16 | CMM Security Vulnerability |
| CVE-2018-9085 | 2018-11-16 | Missing System x Flash Memory Write Protection Lock Bit |
| CVE-2018-9086 | 2018-11-16 | Legacy Server BMC Remote Command Injection |
| CVE-2018-7359 | 2018-11-16 | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product... |
| CVE-2018-7360 | 2018-11-16 | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product... |
| CVE-2018-7361 | 2018-11-16 | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product... |
| CVE-2018-7362 | 2018-11-16 | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product... |
| CVE-2018-7363 | 2018-11-16 | All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product... |
| CVE-2018-1639 | 2018-11-16 | The Report Builder of Jazz Reporting Service 5.0 through 5.0.2... |
| CVE-2018-1797 | 2018-11-16 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using... |
| CVE-2018-15692 | 2018-11-16 | Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users... |
| CVE-2018-15693 | 2018-11-16 | Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users... |
| CVE-2018-16395 | 2018-11-16 | An issue was discovered in the OpenSSL library in Ruby... |
| CVE-2018-16396 | 2018-11-16 | An issue was discovered in Ruby before 2.3.8, 2.4.x before... |
| CVE-2018-18755 | 2018-11-16 | K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id... |
| CVE-2018-18756 | 2018-11-16 | Local Server 1.0.9 has a Buffer Overflow via crafted data... |
| CVE-2018-18759 | 2018-11-16 | Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. |
| CVE-2018-18760 | 2018-11-16 | RhinOS 3.0 build 1190 allows CSRF. |
| CVE-2018-18761 | 2018-11-16 | SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection. |
| CVE-2018-18763 | 2018-11-16 | SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection. |
| CVE-2018-18793 | 2018-11-16 | School Event Management System 1.0 allows Arbitrary File Upload via... |
| CVE-2018-18794 | 2018-11-16 | School Event Management System 1.0 allows CSRF via user/controller.php?action=edit. |
| CVE-2018-18795 | 2018-11-16 | School Event Management System 1.0 has SQL Injection via the... |
| CVE-2018-18796 | 2018-11-16 | Library Management System 1.0 has SQL Injection via the "Search... |
| CVE-2018-18797 | 2018-11-16 | School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php. |
| CVE-2018-18799 | 2018-11-16 | School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos. |
| CVE-2018-18801 | 2018-11-16 | The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL]... |
| CVE-2018-18803 | 2018-11-16 | Curriculum Evaluation System 1.0 allows SQL Injection via the login... |
| CVE-2018-18804 | 2018-11-16 | Bakeshop Inventory System 1.0 has SQL injection via the login... |
| CVE-2018-18805 | 2018-11-16 | Point Of Sales 1.0 allows SQL injection via the login... |
| CVE-2018-18806 | 2018-11-16 | School Equipment Monitoring System 1.0 allows SQL injection via the... |
| CVE-2018-19311 | 2018-11-16 | Centreon 3.4.x (fixed in Centreon 18.10.0) allows XSS via the... |
| CVE-2018-19312 | 2018-11-16 | Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24)... |
| CVE-2018-19318 | 2018-11-16 | SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username... |
| CVE-2018-19319 | 2018-11-16 | SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices... |
| CVE-2018-18955 | 2018-11-16 | In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write()... |
| CVE-2018-15769 | 2018-11-16 | RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in... |
| CVE-2018-19274 | 2018-11-17 | Passing an absolute path to a file_exists check in phpBB... |
| CVE-2018-19324 | 2018-11-17 | kimsQ Rb 2.3.0 allows XSS via the second input field... |
| CVE-2018-19326 | 2018-11-17 | Zyxel VMG1312-B10D devices before 5.13(AAXA.8)C0 allow ../ Directory Traversal, as... |
| CVE-2018-19327 | 2018-11-17 | An issue was discovered in JTBC(PHP) 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF. |
| CVE-2018-19328 | 2018-11-17 | LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal. |
| CVE-2018-19329 | 2018-11-17 | GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files... |
| CVE-2018-19331 | 2018-11-17 | An issue was discovered in S-CMS v1.5. There is a... |
| CVE-2018-19332 | 2018-11-17 | An issue was discovered in S-CMS v1.5. There is a... |
| CVE-2018-19333 | 2018-11-17 | pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite... |