CVE List - 2018 / December
Showing 1101 - 1163 of 1163 CVEs for December 2018 (Page 12 of 12)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-20584 | 2018-12-30 | JasPer 2.0.14 allows remote attackers to cause a denial of... |
| CVE-2018-20583 | 2018-12-30 | Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library... |
| CVE-2018-20588 | 2018-12-30 | lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read. |
| CVE-2018-20589 | 2018-12-30 | Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has... |
| CVE-2018-20590 | 2018-12-30 | Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has... |
| CVE-2018-20591 | 2018-12-30 | A heap-based buffer over-read was discovered in decompileJUMP function in... |
| CVE-2018-20592 | 2018-12-30 | In Mini-XML (aka mxml) v2.12, there is a use-after-free in... |
| CVE-2018-20593 | 2018-12-30 | In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow... |
| CVE-2018-20594 | 2018-12-30 | An issue was discovered in hsweb 3.0.4. It is a... |
| CVE-2018-20595 | 2018-12-30 | A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4... |
| CVE-2018-20596 | 2018-12-30 | Jspxcms v9.0.0 allows SSRF. |
| CVE-2018-20597 | 2018-12-30 | UCMS 1.4.7 has XSS via the dir parameter in an... |
| CVE-2018-20598 | 2018-12-30 | UCMS 1.4.7 has ?do=user_addpost CSRF. |
| CVE-2018-20599 | 2018-12-30 | UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code... |
| CVE-2018-20600 | 2018-12-30 | sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit... |
| CVE-2018-20601 | 2018-12-30 | UCMS 1.4.7 has XSS via the description parameter in an... |
| CVE-2018-20602 | 2018-12-30 | Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path... |
| CVE-2018-20603 | 2018-12-30 | Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF. |
| CVE-2018-20604 | 2018-12-30 | Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal... |
| CVE-2018-20605 | 2018-12-30 | imcat 4.4 allows remote attackers to execute arbitrary PHP code... |
| CVE-2018-20606 | 2018-12-30 | imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. |
| CVE-2018-20607 | 2018-12-30 | imcat 4.4 allows remote attackers to obtain potentially sensitive debugging... |
| CVE-2018-20608 | 2018-12-30 | imcat 4.4 allows remote attackers to read phpinfo output via... |
| CVE-2018-20609 | 2018-12-30 | imcat 4.4 allows remote attackers to obtain potentially sensitive configuration... |
| CVE-2018-20610 | 2018-12-30 | imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. |
| CVE-2018-20611 | 2018-12-30 | imcat 4.4 allow XSS via a crafted cookie to the... |
| CVE-2018-20612 | 2018-12-30 | UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF. |
| CVE-2018-20613 | 2018-12-30 | TEMMOKU T1.09 Beta allows admin/user/add CSRF. |
| CVE-2018-20614 | 2018-12-30 | public\install\install.php in CIM 0.9.3 allows remote attackers to reload the... |
| CVE-2018-20616 | 2018-12-31 | ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the... |
| CVE-2018-17191 | 2018-12-31 | Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is... |
| CVE-2018-20617 | 2018-12-31 | ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the... |
| CVE-2018-19844 | 2018-12-31 | FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter,... |
| CVE-2018-19845 | 2018-12-31 | There is Stored XSS in GetSimple CMS 3.3.12 via the... |
| CVE-2018-19901 | 2018-12-31 | No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/... |
| CVE-2018-19902 | 2018-12-31 | No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article... |
| CVE-2018-19903 | 2018-12-31 | Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title... |
| CVE-2018-19904 | 2018-12-31 | Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body"... |
| CVE-2018-19905 | 2018-12-31 | HTML injection exists in razorCMS 3.4.8 via the /#/page keywords... |
| CVE-2018-19906 | 2018-12-31 | Stored XSS exists in razorCMS 3.4.8 via the /#/page description... |
| CVE-2018-19918 | 2018-12-31 | CuppaCMS has XSS via an SVG document uploaded to the... |
| CVE-2018-20618 | 2018-12-31 | ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the... |
| CVE-2018-18593 | 2018-12-31 | MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities |
| CVE-2018-18600 | 2018-12-31 | The remote upgrade feature in Guardzilla GZ180 devices allow command... |
| CVE-2018-18601 | 2018-12-31 | The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla... |
| CVE-2018-18602 | 2018-12-31 | The Cloud API on Guardzilla smart cameras allows user enumeration,... |
| CVE-2018-19937 | 2018-12-31 | A local, authenticated attacker can bypass the passcode in the... |
| CVE-2018-6668 | 2018-12-31 | Bypass Application Control with simple DLL |
| CVE-2018-20622 | 2018-12-31 | JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a... |
| CVE-2018-20623 | 2018-12-31 | In GNU Binutils 2.31.1, there is a use-after-free in the... |
| CVE-2018-6334 | 2018-12-31 | Multipart-file uploads call variables to be improperly registered in the... |
| CVE-2018-6335 | 2018-12-31 | A Malformed h2 frame can cause 'std::out_of_range' exception when parsing... |
| CVE-2018-6336 | 2018-12-31 | An issue was discovered in osquery. A maliciously crafted Universal/fat... |
| CVE-2018-6337 | 2018-12-31 | folly::secureRandom will re-use a buffer between parent and child processes... |
| CVE-2018-6340 | 2018-12-31 | The Memcache::getextendedstats function can be used to trigger an out-of-bounds... |
| CVE-2018-6341 | 2018-12-31 | React applications which rendered to HTML using the ReactDOMServer API... |
| CVE-2018-6342 | 2018-12-31 | react-dev-utils on Windows allows developers to run a local webserver... |
| CVE-2018-6343 | 2018-12-31 | Proxygen fails to validate that a secondary auth manager is... |
| CVE-2018-6344 | 2018-12-31 | A heap corruption in WhatsApp can be caused by a... |
| CVE-2018-6346 | 2018-12-31 | A potential denial-of-service issue in the Proxygen handling of invalid... |
| CVE-2018-6347 | 2018-12-31 | An issue in the Proxygen handling of HTTP2 parsing of... |
| CVE-2018-6331 | 2018-12-31 | Buck parser-cache command loads/saves state using Java serialized object. If... |
| CVE-2018-6333 | 2018-12-31 | The hhvm-attach deep link handler in Nuclide did not properly... |