CVE List - 2018 / December
Showing 801 - 900 of 1163 CVEs for December 2018 (Page 9 of 12)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-15722 | 2018-12-20 | The Logitech Harmony Hub before version 4.15.206 is vulnerable to... |
| CVE-2018-15723 | 2018-12-20 | The Logitech Harmony Hub before version 4.15.206 is vulnerable to... |
| CVE-2017-9732 | 2018-12-20 | The read_packet function in knc (Kerberised NetCat) before 1.11-1 is... |
| CVE-2018-12651 | 2018-12-20 | A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in... |
| CVE-2018-14846 | 2018-12-20 | The Mondula Multi Step Form plugin before 1.2.8 for WordPress... |
| CVE-2018-16627 | 2018-12-20 | panel/login in Kirby v2.5.12 allows Host header injection via the... |
| CVE-2018-17244 | 2018-12-20 | Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in... |
| CVE-2018-17245 | 2018-12-20 | Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0... |
| CVE-2018-17246 | 2018-12-20 | Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file... |
| CVE-2018-17247 | 2018-12-20 | Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw... |
| CVE-2018-18388 | 2018-12-20 | eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0... |
| CVE-2018-18399 | 2018-12-20 | SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in... |
| CVE-2018-18441 | 2018-12-20 | D-Link DCS series Wi-Fi cameras expose sensitive information regarding the... |
| CVE-2018-18442 | 2018-12-20 | D-Link DCS-825L devices with firmware 1.08 do not employ a... |
| CVE-2018-18629 | 2018-12-20 | An issue was discovered in the Keybase command-line client before... |
| CVE-2018-18767 | 2018-12-20 | An issue was discovered in D-Link 'myDlink Baby App' version... |
| CVE-2018-19134 | 2018-12-20 | In Artifex Ghostscript through 9.25, the setpattern operator did not... |
| CVE-2018-19239 | 2018-12-20 | TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vulnerability... |
| CVE-2018-19240 | 2018-12-20 | Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68,... |
| CVE-2018-19241 | 2018-12-20 | Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68,... |
| CVE-2018-19242 | 2018-12-20 | Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU... |
| CVE-2018-20124 | 2018-12-20 | hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds... |
| CVE-2018-20191 | 2018-12-20 | hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such... |
| CVE-2018-20318 | 2018-12-21 | An issue was discovered in weixin-java-tools v3.2.0. There is an... |
| CVE-2018-20327 | 2018-12-21 | Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the... |
| CVE-2018-20328 | 2018-12-21 | Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the... |
| CVE-2018-20329 | 2018-12-21 | Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing... |
| CVE-2018-20330 | 2018-12-21 | The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow... |
| CVE-2018-20332 | 2018-12-21 | An issue has been discovered in the OpenWebif plugin through... |
| CVE-2018-20337 | 2018-12-21 | There is a stack-based buffer overflow in the parse_makernote function... |
| CVE-2018-20338 | 2018-12-21 | Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection... |
| CVE-2018-20339 | 2018-12-21 | Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in... |
| CVE-2018-18330 | 2018-12-21 | An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety... |
| CVE-2018-18331 | 2018-12-21 | A Trend Micro OfficeScan XG weak file permissions vulnerability on... |
| CVE-2018-18332 | 2018-12-21 | A Trend Micro OfficeScan XG weak file permissions vulnerability may... |
| CVE-2018-5196 | 2018-12-21 | Alzip Stack Overflow Vulnerability |
| CVE-2018-5201 | 2018-12-21 | Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472... |
| CVE-2018-5202 | 2018-12-21 | SKCertService 2.5.5 and earlier contains a vulnerability that could allow... |
| CVE-2018-20342 | 2018-12-21 | The Floureon IP Camera SP012 provides a root terminal on... |
| CVE-2018-20345 | 2018-12-21 | Incorrect access control in StackStorm API (st2api) in StackStorm before... |
| CVE-2018-20346 | 2018-12-21 | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters... |
| CVE-2018-16778 | 2018-12-21 | Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows... |
| CVE-2018-20226 | 2018-12-21 | An organization administrator can add a super administrator in THEHIVE... |
| CVE-2018-20322 | 2018-12-21 | LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in... |
| CVE-2018-20325 | 2018-12-21 | There is a vulnerability in load() method in definitions/parser.py in... |
| CVE-2018-18007 | 2018-12-21 | atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to... |
| CVE-2018-18008 | 2018-12-21 | spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote... |
| CVE-2018-18009 | 2018-12-21 | dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers... |
| CVE-2018-20193 | 2018-12-21 | Certain Secure Access SA Series SSL VPN products (originally developed... |
| CVE-2018-19320 | 2018-12-21 | The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and... |
| CVE-2018-19321 | 2018-12-21 | The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center... |
| CVE-2018-19322 | 2018-12-21 | The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center... |
| CVE-2018-19323 | 2018-12-21 | The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and... |
| CVE-2018-20348 | 2018-12-22 | libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to... |
| CVE-2018-20349 | 2018-12-22 | The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has... |
| CVE-2018-20351 | 2018-12-22 | The Markdown component in Evernote (Chinese) before 8.3.2 on macOS... |
| CVE-2018-19863 | 2018-12-22 | An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on... |
| CVE-2018-20357 | 2018-12-22 | A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c... |
| CVE-2018-20358 | 2018-12-22 | An invalid memory address dereference was discovered in the lt_prediction... |
| CVE-2018-20359 | 2018-12-22 | An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS... |
| CVE-2018-20360 | 2018-12-22 | An invalid memory address dereference was discovered in the sbr_process_channel... |
| CVE-2018-20361 | 2018-12-22 | An invalid memory address dereference was discovered in the hf_assembly... |
| CVE-2018-20362 | 2018-12-22 | A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c... |
| CVE-2018-20363 | 2018-12-22 | LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer... |
| CVE-2018-20364 | 2018-12-22 | LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer... |
| CVE-2018-20365 | 2018-12-22 | LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. |
| CVE-2018-20367 | 2018-12-22 | The "mall some commodity details: commodity consultation" component in WSTMart... |
| CVE-2018-20331 | 2018-12-23 | Local attackers can trigger a Kernel Pool Buffer Overflow in... |
| CVE-2018-20368 | 2018-12-23 | The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has... |
| CVE-2018-20369 | 2018-12-23 | Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling... |
| CVE-2018-20370 | 2018-12-23 | SZ NetChat before 7.9 has XSS in the MyName input... |
| CVE-2018-20371 | 2018-12-23 | PhotoRange Photo Vault 1.2 appends the password to the URI... |
| CVE-2018-20372 | 2018-12-23 | TP-Link TD-W8961ND devices allow XSS via the hostname of a... |
| CVE-2018-20373 | 2018-12-23 | Tenda ADSL modem routers 1.0.1 allow XSS via the hostname... |
| CVE-2018-20374 | 2018-12-23 | An issue was discovered in Tiny C Compiler (aka TinyCC... |
| CVE-2018-20375 | 2018-12-23 | An issue was discovered in Tiny C Compiler (aka TinyCC... |
| CVE-2018-20376 | 2018-12-23 | An issue was discovered in Tiny C Compiler (aka TinyCC... |
| CVE-2018-20377 | 2018-12-23 | Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi... |
| CVE-2018-20399 | 2018-12-23 | Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow... |
| CVE-2018-20379 | 2018-12-23 | Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol... |
| CVE-2018-20380 | 2018-12-23 | Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026... |
| CVE-2018-20381 | 2018-12-23 | Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow remote attackers to discover credentials... |
| CVE-2018-20382 | 2018-12-23 | Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials... |
| CVE-2018-20383 | 2018-12-23 | ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers... |
| CVE-2018-20384 | 2018-12-23 | iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote... |
| CVE-2018-20385 | 2018-12-23 | CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT, CBW383G4J 37.556mp5.008, and CBW38G4J 37.553mp1.008... |
| CVE-2018-20386 | 2018-12-23 | ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials... |
| CVE-2018-20387 | 2018-12-23 | Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow... |
| CVE-2018-20388 | 2018-12-23 | Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers... |
| CVE-2018-20389 | 2018-12-23 | D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers... |
| CVE-2018-20390 | 2018-12-23 | Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA 3.0.8 devices allow... |
| CVE-2018-20391 | 2018-12-23 | TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers to discover credentials... |
| CVE-2018-20392 | 2018-12-23 | S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers to discover... |
| CVE-2018-20393 | 2018-12-23 | Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC, DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a, TC7110.AR STD3.38.03, TC7110.B... |
| CVE-2018-20394 | 2018-12-23 | Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36... |
| CVE-2018-20395 | 2018-12-23 | NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote attackers to discover credentials... |
| CVE-2018-20396 | 2018-12-23 | NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow remote attackers... |
| CVE-2018-20397 | 2018-12-23 | mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to discover credentials... |
| CVE-2018-20398 | 2018-12-23 | Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and... |
| CVE-2018-20400 | 2018-12-23 | Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote attackers... |