CVE List - 2018 / April
Showing 401 - 500 of 1667 CVEs for April 2018 (Page 5 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2017-2853 | 2018-04-05 | An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality... |
| CVE-2017-2861 | 2018-04-05 | An exploitable Denial of Service vulnerability exists in the use... |
| CVE-2017-2867 | 2018-04-05 | An exploitable code execution vulnerability exists in the SavePatientMontage functionality... |
| CVE-2017-2868 | 2018-04-05 | An exploitable code execution vulnerability exists in the NewProducerStream functionality... |
| CVE-2017-2869 | 2018-04-05 | An exploitable code execution vulnerability exists in the OpenProducer functionality... |
| CVE-2018-9328 | 2018-04-05 | PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via... |
| CVE-2017-12088 | 2018-04-05 | An exploitable denial of service vulnerability exists in the Ethernet... |
| CVE-2017-12089 | 2018-04-05 | An exploitable denial of service vulnerability exists in the program... |
| CVE-2017-12090 | 2018-04-05 | An exploitable denial of service vulnerability exists in the processing... |
| CVE-2017-12093 | 2018-04-05 | An exploitable insufficient resource pool vulnerability exists in the session... |
| CVE-2017-14462 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14463 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14464 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14465 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14466 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14467 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14468 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14469 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14470 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14471 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14472 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2017-14473 | 2018-04-05 | An exploitable access control vulnerability exists in the data, program,... |
| CVE-2018-1096 | 2018-04-05 | An input sanitization flaw was found in the id field... |
| CVE-2018-1000156 | 2018-04-06 | GNU Patch version 2.7.6 contains an input validation vulnerability when... |
| CVE-2017-18097 | 2018-04-06 | The Trello board importer resource in Atlassian Jira before version... |
| CVE-2017-18098 | 2018-04-06 | The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows... |
| CVE-2018-1270 | 2018-04-06 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3... |
| CVE-2018-1271 | 2018-04-06 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3... |
| CVE-2018-1272 | 2018-04-06 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3... |
| CVE-2018-7506 | 2018-04-06 | The private key of the web server in Moxa MXview... |
| CVE-2014-2359 | 2018-04-06 | OleumTech Wireless Sensor Network devices allow remote attackers to obtain... |
| CVE-2014-3539 | 2018-04-06 | base/oi/doa.py in the Rope library in CPython (aka Python) allows... |
| CVE-2014-5034 | 2018-04-06 | Cross-site request forgery (CSRF) vulnerability in the Brute Force Login... |
| CVE-2014-5072 | 2018-04-06 | Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log... |
| CVE-2013-6876 | 2018-04-06 | The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in... |
| CVE-2014-1226 | 2018-04-06 | The pipe_init_terminal function in main.c in s3dvt allows local users... |
| CVE-2018-9838 | 2018-04-06 | The caml_ba_deserialize function in byterun/bigarray.c in the standard library in... |
| CVE-2018-9331 | 2018-04-07 | An issue was discovered in zzcms 8.2. user/adv.php allows remote... |
| CVE-2018-9841 | 2018-04-07 | The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows... |
| CVE-2018-9844 | 2018-04-07 | The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress... |
| CVE-2018-9330 | 2018-04-07 | register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by... |
| CVE-2018-9325 | 2018-04-07 | Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to... |
| CVE-2018-9326 | 2018-04-07 | Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary... |
| CVE-2018-9327 | 2018-04-07 | Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to... |
| CVE-2018-9846 | 2018-04-07 | In Roundcube from versions 1.2.0 to 1.3.5, with the archive... |
| CVE-2018-9847 | 2018-04-07 | In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows... |
| CVE-2018-9848 | 2018-04-07 | In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows... |
| CVE-2018-9850 | 2018-04-08 | In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allows remote attackers to delete... |
| CVE-2018-9851 | 2018-04-08 | In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read... |
| CVE-2018-9852 | 2018-04-08 | In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read... |
| CVE-2017-18258 | 2018-04-08 | The xz_head function in xzlib.c in libxml2 before 2.9.6 allows... |
| CVE-2018-6905 | 2018-04-08 | The page module in TYPO3 before 8.7.11, and 9.1.0, has... |
| CVE-2018-9857 | 2018-04-09 | PHP Scripts Mall Match Clone Script 1.0.4 has XSS via... |
| CVE-2018-9856 | 2018-04-09 | Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in... |
| CVE-2018-0545 | 2018-04-09 | LXR version 1.0.0 to 2.3.0 allows remote attackers to execute... |
| CVE-2018-0553 | 2018-04-09 | The iRemoconWiFi App for Android version 4.1.7 and earlier does... |
| CVE-2018-0554 | 2018-04-09 | Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass... |
| CVE-2018-0555 | 2018-04-09 | Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an... |
| CVE-2018-0556 | 2018-04-09 | Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute... |
| CVE-2018-1308 | 2018-04-09 | This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0... |
| CVE-2018-9862 | 2018-04-09 | util.c in runV 1.0.0 for Docker mishandles a numeric username,... |
| CVE-2018-9864 | 2018-04-09 | The WP Live Chat Support plugin before 8.0.06 for WordPress... |
| CVE-2018-6182 | 2018-04-09 | Mahara 16.10 before 16.10.9 and 17.04 before 17.04.7 and 17.10... |
| CVE-2017-2826 | 2018-04-09 | An information disclosure vulnerability exists in the iConfig proxy request... |
| CVE-2018-1217 | 2018-04-09 | Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1,... |
| CVE-2018-5463 | 2018-04-09 | A structured exception handler overflow vulnerability in Leao Consultoria e... |
| CVE-2018-9840 | 2018-04-10 | The Open Whisper Signal app before 2.23.2 for iOS allows... |
| CVE-2018-9922 | 2018-04-10 | An issue was discovered in idreamsoft iCMS through 7.0.7. Physical... |
| CVE-2018-9923 | 2018-04-10 | An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF... |
| CVE-2018-9924 | 2018-04-10 | An issue was discovered in idreamsoft iCMS through 7.0.7. SQL... |
| CVE-2018-9925 | 2018-04-10 | An issue was discovered in idreamsoft iCMS through 7.0.7. XSS... |
| CVE-2018-9926 | 2018-04-10 | An issue was discovered in WUZHI CMS 4.1.0. There is... |
| CVE-2018-9927 | 2018-04-10 | An issue was discovered in WUZHI CMS 4.1.0. There is... |
| CVE-2018-9928 | 2018-04-10 | Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows... |
| CVE-2018-9934 | 2018-04-10 | The reset-password feature in MetInfo 6.0 allows remote attackers to... |
| CVE-2017-18100 | 2018-04-10 | The agile wallboard gadget in Atlassian Jira before version 7.8.1... |
| CVE-2017-1081 | 2018-04-10 | In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using... |
| CVE-2017-18101 | 2018-04-10 | Various administrative external system import resources in Atlassian JIRA Server... |
| CVE-2018-5227 | 2018-04-10 | Various administrative application link resources in Atlassian Application Links before... |
| CVE-2014-0158 | 2018-04-10 | Heap-based buffer overflow in the JPEG2000 image tile decoder in... |
| CVE-2014-1398 | 2018-04-10 | The entity wrapper access API in the Entity API module... |
| CVE-2014-1399 | 2018-04-10 | The entity wrapper access API in the Entity API module... |
| CVE-2014-1400 | 2018-04-10 | The entity_access API in the Entity API module 7.x-1.x before... |
| CVE-2014-1889 | 2018-04-10 | The Group creation process in the Buddypress plugin before 1.9.2... |
| CVE-2014-1946 | 2018-04-10 | OpenDocMan 1.2.7 and earlier does not properly validate allowed actions,... |
| CVE-2014-2073 | 2018-04-10 | Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote... |
| CVE-2014-2078 | 2018-04-10 | The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows... |
| CVE-2014-3114 | 2018-04-10 | The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier... |
| CVE-2014-3999 | 2018-04-10 | The Horde_Ldap library before 2.0.6 for Horde allows remote attackers... |
| CVE-2015-0172 | 2018-04-10 | IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote... |
| CVE-2015-1957 | 2018-04-10 | IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3... |
| CVE-2017-14323 | 2018-04-10 | SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in... |
| CVE-2017-14611 | 2018-04-10 | SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote... |
| CVE-2018-2403 | 2018-04-10 | Under certain conditions, SAP Disclosure Management 10.1 allows an attacker... |
| CVE-2018-2404 | 2018-04-10 | SAP Disclosure Management 10.1 allows an attacker to upload any... |
| CVE-2018-2405 | 2018-04-10 | SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows... |
| CVE-2018-2406 | 2018-04-10 | Unquoted windows search path (directory/path traversal) vulnerability in Crystal Reports... |
| CVE-2018-2408 | 2018-04-10 | Improper Session Management in SAP Business Objects, 4.0, from 4.10,... |
| CVE-2018-2409 | 2018-04-10 | Improper session management when using SAP Cloud Platform 2.0 (Connectivity... |
| CVE-2018-2410 | 2018-04-10 | SAP Business One, 9.2, 9.3, browser access does not sufficiently... |