CVE List - 2018 / December
Showing 1001 - 1100 of 1163 CVEs for December 2018 (Page 11 of 12)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-19869 | 2018-12-26 | An issue was discovered in Qt before 5.11.3. A malformed... |
| CVE-2018-19870 | 2018-12-26 | An issue was discovered in Qt before 5.11.3. A malformed... |
| CVE-2018-19871 | 2018-12-26 | An issue was discovered in Qt before 5.11.3. There is... |
| CVE-2018-19873 | 2018-12-26 | An issue was discovered in Qt before 5.11.3. QBmpHandler has... |
| CVE-2018-20217 | 2018-12-26 | A Reachable Assertion issue was discovered in the KDC in... |
| CVE-2018-20404 | 2018-12-26 | ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board,... |
| CVE-2018-20502 | 2018-12-26 | An issue was discovered in Bento4 1.5.1-627. There is an... |
| CVE-2018-20508 | 2018-12-27 | CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This... |
| CVE-2018-20511 | 2018-12-27 | An issue was discovered in the Linux kernel before 4.18.11.... |
| CVE-2018-20520 | 2018-12-27 | MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a... |
| CVE-2018-20519 | 2018-12-27 | An issue was discovered in 74cms v4.2.111. It allows remote... |
| CVE-2018-20524 | 2018-12-27 | The Chat Anywhere extension 2.4.0 for Chrome allows XSS via... |
| CVE-2018-1000888 | 2018-12-27 | PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915... |
| CVE-2018-20530 | 2018-12-27 | PHP Scripts Mall Website Seller Script 2.0.5 has XSS via... |
| CVE-2018-1000887 | 2018-12-27 | Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS)... |
| CVE-2018-1000889 | 2018-12-27 | Logisim Evolution version 2.14.3 and earlier contains an XML External... |
| CVE-2018-1000890 | 2018-12-27 | FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability... |
| CVE-2018-20528 | 2018-12-27 | JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. |
| CVE-2018-20532 | 2018-12-28 | There is a NULL pointer dereference at ext/testcase.c (function testcase_read)... |
| CVE-2018-20533 | 2018-12-28 | There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex)... |
| CVE-2018-20534 | 2018-12-28 | There is an illegal address access at ext/testcase.c in libsolv.a... |
| CVE-2018-20535 | 2018-12-28 | There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide... |
| CVE-2018-20536 | 2018-12-28 | There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in... |
| CVE-2018-20537 | 2018-12-28 | There is a NULL pointer dereference at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in... |
| CVE-2018-20538 | 2018-12-28 | There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide... |
| CVE-2018-20539 | 2018-12-28 | There is a Segmentation fault triggered by illegal address access... |
| CVE-2018-20540 | 2018-12-28 | There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS 1.8.1. |
| CVE-2018-20541 | 2018-12-28 | There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c... |
| CVE-2018-20542 | 2018-12-28 | There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in... |
| CVE-2018-20543 | 2018-12-28 | There is an attempted excessive memory allocation at libxsmm_sparse_csc_reader in... |
| CVE-2018-20544 | 2018-12-28 | There is floating point exception at caca/dither.c (function caca_dither_bitmap) in... |
| CVE-2018-20545 | 2018-12-28 | There is an illegal WRITE memory access at common-image.c (function... |
| CVE-2018-20546 | 2018-12-28 | There is an illegal READ memory access at caca/dither.c (function... |
| CVE-2018-20547 | 2018-12-28 | There is an illegal READ memory access at caca/dither.c (function... |
| CVE-2018-20548 | 2018-12-28 | There is an illegal WRITE memory access at common-image.c (function... |
| CVE-2018-20549 | 2018-12-28 | There is an illegal WRITE memory access at caca/file.c (function... |
| CVE-2018-20551 | 2018-12-28 | A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to... |
| CVE-2018-20552 | 2018-12-28 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree... |
| CVE-2018-20553 | 2018-12-28 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len... |
| CVE-2018-1000624 | 2018-12-28 | Battelle V2I Hub 2.5.1 is vulnerable to a denial of... |
| CVE-2018-1000625 | 2018-12-28 | Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative... |
| CVE-2018-1000626 | 2018-12-28 | Battelle V2I Hub 2.5.1 could allow a remote attacker to... |
| CVE-2018-1000627 | 2018-12-28 | Battelle V2I Hub 2.5.1 could allow a remote attacker to... |
| CVE-2018-1000628 | 2018-12-28 | Battelle V2I Hub 2.5.1 could allow a remote attacker to... |
| CVE-2018-1000629 | 2018-12-28 | Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused... |
| CVE-2018-1000630 | 2018-12-28 | Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A... |
| CVE-2018-1000631 | 2018-12-28 | Battelle V2I Hub 3.0 is vulnerable to SQL injection. A... |
| CVE-2018-15333 | 2018-12-28 | On versions 11.2.1. and greater, unrestricted Snapshot File Access allows... |
| CVE-2018-15334 | 2018-12-28 | A cross-site request forgery (CSRF) vulnerability in the APM webtop... |
| CVE-2018-15335 | 2018-12-28 | When APM 13.0.0-13.1.x is deployed as an OAuth Resource Server,... |
| CVE-2018-17539 | 2018-12-28 | The BGP daemon (bgpd) in all IP Infusion ZebOS versions... |
| CVE-2018-20570 | 2018-12-28 | jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer... |
| CVE-2018-20557 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit... |
| CVE-2018-20558 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update... |
| CVE-2018-20559 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update... |
| CVE-2018-20560 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?rec=update... |
| CVE-2018-20561 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.php?rec=update... |
| CVE-2018-20562 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article_category.php?rec=update... |
| CVE-2018-20563 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update... |
| CVE-2018-20564 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product_category.php?rec=update... |
| CVE-2018-20565 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update... |
| CVE-2018-20566 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. It... |
| CVE-2018-20567 | 2018-12-28 | An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php... |
| CVE-2018-20568 | 2018-12-28 | Administrator/index.php in Ivan Cordoba Generic Content Management System (CMS) through... |
| CVE-2018-20569 | 2018-12-28 | user/index.php in Ivan Cordoba Generic Content Management System (CMS) through... |
| CVE-2018-5203 | 2018-12-28 | DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a vulnerability that... |
| CVE-2018-5204 | 2018-12-28 | ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability... |
| CVE-2018-7366 | 2018-12-28 | ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions... |
| CVE-2018-20571 | 2018-12-28 | DamiCMS 6.0.1 allows remote attackers to read arbitrary files via... |
| CVE-2018-20572 | 2018-12-28 | WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL injection via the index.php?m=promote&f=index&v=search... |
| CVE-2018-20573 | 2018-12-28 | The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote... |
| CVE-2018-20574 | 2018-12-28 | The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote... |
| CVE-2018-16630 | 2018-12-28 | Kirby v2.5.12 allows XSS by using the "site files" Add... |
| CVE-2018-16632 | 2018-12-28 | Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter... |
| CVE-2018-16637 | 2018-12-28 | Evolution CMS 1.4.x allows XSS via the page weblink title... |
| CVE-2018-16638 | 2018-12-28 | Evolution CMS 1.4.x allows XSS via the manager/ search parameter. |
| CVE-2018-18665 | 2018-12-28 | The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum... |
| CVE-2018-18666 | 2018-12-28 | The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum... |
| CVE-2018-18667 | 2018-12-28 | The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum... |
| CVE-2018-18696 | 2018-12-28 | main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. NOTE:... |
| CVE-2018-20575 | 2018-12-28 | Orange Livebox 00.96.320S devices have an undocumented /system_firmwarel.stm URI for... |
| CVE-2018-20576 | 2018-12-28 | Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phone_test.exe CSRF, leading... |
| CVE-2018-20577 | 2018-12-28 | Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewall_SPI.exe, cgi-bin/setup_remote_mgmt.exe, cgi-bin/setup_pass.exe, and... |
| CVE-2018-20578 | 2018-12-28 | An issue was discovered in NuttX before 7.27. The function... |
| CVE-2018-20579 | 2018-12-28 | Contiki-NG before 4.2 has a stack-based buffer overflow in the... |
| CVE-2018-14979 | 2018-12-28 | The ASUS ZenFone 3 Max Android device with a build... |
| CVE-2018-14984 | 2018-12-28 | The Leagoo Z5C Android device with a build fingerprint of... |
| CVE-2018-14985 | 2018-12-28 | The Leagoo Z5C Android device with a build fingerprint of... |
| CVE-2018-14986 | 2018-12-28 | The Leagoo Z5C Android device with a build fingerprint of... |
| CVE-2018-14987 | 2018-12-28 | The MXQ TV Box 4.4.2 Android device with a build... |
| CVE-2018-14988 | 2018-12-28 | The MXQ TV Box 4.4.2 Android device with a build... |
| CVE-2018-14992 | 2018-12-28 | The ASUS ZenFone 3 Max Android device with a build... |
| CVE-2018-14995 | 2018-12-28 | The ZTE Blade Vantage Android device with a build fingerprint... |
| CVE-2018-14998 | 2018-12-28 | The Leagoo P1 Android device with a build fingerprint of... |
| CVE-2018-15001 | 2018-12-28 | The Vivo V7 Android device with a build fingerprint of... |
| CVE-2018-15002 | 2018-12-28 | The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys... |
| CVE-2018-15004 | 2018-12-28 | The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys... |
| CVE-2018-15005 | 2018-12-28 | The ZTE ZMAX Champ Android device with a build fingerprint... |
| CVE-2018-15006 | 2018-12-28 | The ZTE ZMAX Champ Android device with a build fingerprint... |
| CVE-2018-15007 | 2018-12-28 | The Sky Elite 6.0L+ Android device with a build fingerprint... |