CVE List - 2018 / November
Showing 601 - 700 of 983 CVEs for November 2018 (Page 7 of 10)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-19340 | 2018-11-17 | Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID,... |
| CVE-2018-19341 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19342 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19343 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19344 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19345 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19346 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19347 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19348 | 2018-11-17 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit... |
| CVE-2018-19349 | 2018-11-17 | In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php... |
| CVE-2018-19350 | 2018-11-17 | In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit... |
| CVE-2018-19351 | 2018-11-18 | Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook... |
| CVE-2018-19352 | 2018-11-18 | Jupyter Notebook before 5.7.2 allows XSS via a crafted directory... |
| CVE-2018-19353 | 2018-11-18 | The ansilove_ansi function in loaders/ansi.c in libansilove 1.0.0 allows remote... |
| CVE-2008-7320 | 2018-11-18 | GNOME Seahorse through 3.30 allows physically proximate attackers to read... |
| CVE-2018-19358 | 2018-11-18 | GNOME Keyring through 3.28.2 allows local users to retrieve login... |
| CVE-2018-19355 | 2018-11-19 | modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop... |
| CVE-2018-18519 | 2018-11-19 | BestXsoftware Best Free Keylogger before 6.0.0 allows local users to... |
| CVE-2018-17190 | 2018-11-19 | In all versions of Apache Spark, its standalone resource manager... |
| CVE-2018-15759 | 2018-11-19 | On Demand Services SDK Timing Attack Vulnerability |
| CVE-2018-15761 | 2018-11-19 | UAA Privilege Escalation |
| CVE-2018-1841 | 2018-11-19 | IBM Cloud Private 2.1.0 could allow a local user to... |
| CVE-2018-9207 | 2018-11-19 | Arbitrary file upload in jQuery Upload File <= 4.0.2 |
| CVE-2018-9209 | 2018-11-19 | Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2 |
| CVE-2018-17906 | 2018-11-19 | Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and... |
| CVE-2018-10099 | 2018-11-20 | Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability... |
| CVE-2018-19334 | 2018-11-20 | Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability... |
| CVE-2018-19335 | 2018-11-20 | Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability... |
| CVE-2018-19367 | 2018-11-20 | Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify... |
| CVE-2018-1779 | 2018-11-20 | IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated... |
| CVE-2018-17948 | 2018-11-20 | An open redirect vulnerability exists in the Access Manager Identity... |
| CVE-2018-12037 | 2018-11-20 | An issue was discovered on Samsung 840 EVO and 850... |
| CVE-2018-12038 | 2018-11-20 | An issue was discovered on Samsung 840 EVO devices. Vendor-specific... |
| CVE-2018-16222 | 2018-11-20 | Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in... |
| CVE-2018-16223 | 2018-11-20 | Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee... |
| CVE-2018-16224 | 2018-11-20 | Incorrect access control for the diagnostic files of the iSmartAlarm... |
| CVE-2018-18439 | 2018-11-20 | DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow... |
| CVE-2018-18440 | 2018-11-20 | DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow... |
| CVE-2018-18561 | 2018-11-20 | An issue was discovered in Roche Accu-Chek Inform II Base... |
| CVE-2018-18562 | 2018-11-20 | An issue was discovered in Roche Accu-Chek Inform II Base... |
| CVE-2018-18563 | 2018-11-20 | An issue was discovered in Roche Accu-Chek Inform II Instrument... |
| CVE-2018-18564 | 2018-11-20 | An issue was discovered in Roche Accu-Chek Inform II Instrument... |
| CVE-2018-18565 | 2018-11-20 | An issue was discovered in Roche Accu-Chek Inform II Instrument... |
| CVE-2018-18715 | 2018-11-20 | Zoho ManageEngine OpManager 12.3 before 123219 has stored XSS. |
| CVE-2018-18716 | 2018-11-20 | Zoho ManageEngine OpManager 12.3 before 123219 has a Self XSS... |
| CVE-2018-18772 | 2018-11-20 | CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF... |
| CVE-2018-18773 | 2018-11-20 | CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF... |
| CVE-2018-18774 | 2018-11-20 | CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows XSS... |
| CVE-2018-18856 | 2018-11-20 | Multiple local privilege escalation vulnerabilities have been identified in the... |
| CVE-2018-18857 | 2018-11-20 | Multiple local privilege escalation vulnerabilities have been identified in the... |
| CVE-2018-18858 | 2018-11-20 | Multiple local privilege escalation vulnerabilities have been identified in the... |
| CVE-2018-18859 | 2018-11-20 | Multiple local privilege escalation vulnerabilities have been identified in the... |
| CVE-2018-18861 | 2018-11-20 | Buffer overflow in PCMan FTP Server 2.0.7 allows for remote... |
| CVE-2018-18864 | 2018-11-20 | Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache... |
| CVE-2018-18865 | 2018-11-20 | The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28)... |
| CVE-2018-19376 | 2018-11-20 | An issue was discovered in GreenCMS v2.3.0603. There is a... |
| CVE-2018-19388 | 2018-11-20 | FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause... |
| CVE-2018-19389 | 2018-11-20 | FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause... |
| CVE-2018-19390 | 2018-11-20 | FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause... |
| CVE-2018-19395 | 2018-11-20 | ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers... |
| CVE-2018-19396 | 2018-11-20 | ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause... |
| CVE-2018-19404 | 2018-11-21 | In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute... |
| CVE-2018-19406 | 2018-11-21 | kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows... |
| CVE-2018-19407 | 2018-11-21 | The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through... |
| CVE-2018-19422 | 2018-11-21 | /panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute... |
| CVE-2009-5153 | 2018-11-21 | In Novell NetWare before 6.5 SP8, a stack buffer overflow... |
| CVE-2018-1843 | 2018-11-21 | The Identity and Access Management (IAM) services (IBM Cloud Private... |
| CVE-2018-19409 | 2018-11-21 | An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams... |
| CVE-2018-19410 | 2018-11-21 | PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to... |
| CVE-2018-19411 | 2018-11-21 | PRTG Network Monitor before 18.2.40.1683 allows an authenticated user with... |
| CVE-2018-19416 | 2018-11-21 | An issue was discovered in sysstat 12.1.1. The remap_struct function... |
| CVE-2018-19417 | 2018-11-21 | An issue was discovered in the MQTT server in Contiki-NG... |
| CVE-2018-19423 | 2018-11-21 | Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code... |
| CVE-2018-19420 | 2018-11-21 | In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are... |
| CVE-2018-19421 | 2018-11-21 | In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer... |
| CVE-2018-19424 | 2018-11-21 | ClipperCMS 1.3.3 allows remote authenticated administrators to upload .htaccess files. |
| CVE-2018-19432 | 2018-11-22 | An issue was discovered in libsndfile 1.0.28. There is a... |
| CVE-2018-19433 | 2018-11-22 | ShowDoc 2.4.1 has XSS via the lang parameter because install/database.php... |
| CVE-2018-19434 | 2018-11-22 | An issue was discovered on the "Bank Account Matching -... |
| CVE-2018-19435 | 2018-11-22 | An issue was discovered in the Sales component in webERP... |
| CVE-2018-19436 | 2018-11-22 | An issue was discovered in the Manufacturing component in webERP... |
| CVE-2018-19437 | 2018-11-22 | UCMS 1.4.7 allows remote authenticated users to change the administrator... |
| CVE-2018-19443 | 2018-11-22 | The client in Tryton 5.x before 5.0.1 tries to make... |
| CVE-2018-19457 | 2018-11-22 | Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads... |
| CVE-2018-19458 | 2018-11-22 | In PHP Proxy 3.0.3, any user can read files from... |
| CVE-2018-19459 | 2018-11-22 | Adult Filter 1.0 has a Buffer Overflow via a crafted... |
| CVE-2018-19463 | 2018-11-22 | zb_system/function/lib/upload.php in Z-BlogPHP through 1.5.1 allows remote attackers to execute... |
| CVE-2018-19464 | 2018-11-22 | Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and template\default\common\footer.htm... |
| CVE-2018-19468 | 2018-11-23 | HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via... |
| CVE-2018-19469 | 2018-11-23 | ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or... |
| CVE-2018-19475 | 2018-11-23 | psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to... |
| CVE-2018-19476 | 2018-11-23 | psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to... |
| CVE-2018-19477 | 2018-11-23 | psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to... |
| CVE-2018-19486 | 2018-11-23 | Git before 2.19.2 on Linux and UNIX executes commands from... |
| CVE-2018-19490 | 2018-11-23 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This... |
| CVE-2018-19491 | 2018-11-23 | An issue was discovered in post.trm in Gnuplot 5.2.5. This... |
| CVE-2018-19492 | 2018-11-23 | An issue was discovered in cairo.trm in Gnuplot 5.2.5. This... |
| CVE-2018-19499 | 2018-11-23 | Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code... |
| CVE-2018-19502 | 2018-11-23 | An issue was discovered in Freeware Advanced Audio Decoder 2... |
| CVE-2018-19503 | 2018-11-23 | An issue was discovered in Freeware Advanced Audio Decoder 2... |