Export limit exceeded: 339118 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24686 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10955 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222548. | ||||
| CVE-2018-10954 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222550. | ||||
| CVE-2018-10953 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x0022204C. | ||||
| CVE-2018-10952 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222088. | ||||
| CVE-2018-10950 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | N/A |
| mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump. | ||||
| CVE-2018-10949 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | N/A |
| mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors. | ||||
| CVE-2018-10947 | 1 Polycom | 2 Realpresence Debut, Realpresence Debut Firmware | 2024-11-21 | N/A |
| An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted. | ||||
| CVE-2018-10946 | 1 Polycom | 2 Realpresence Debut, Realpresence Debut Firmware | 2024-11-21 | N/A |
| An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI. | ||||
| CVE-2018-10943 | 1 Barco | 4 Clickshare Cs-100, Clickshare Cs-100 Firmware, Clickshare Cse-200 and 1 more | 2024-11-21 | N/A |
| An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3. Sending an arbitrary unexpected string to TCP port 7100 respecting a certain frequency timing disconnects all clients and results in a crash of the Unit. | ||||
| CVE-2018-10935 | 1 Redhat | 2 389 Directory Server, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | ||||
| CVE-2018-10930 | 4 Debian, Gluster, Opensuse and 1 more | 8 Debian Linux, Glusterfs, Leap and 5 more | 2024-11-21 | 6.5 Medium |
| A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. | ||||
| CVE-2018-10929 | 4 Debian, Gluster, Opensuse and 1 more | 7 Debian Linux, Glusterfs, Leap and 4 more | 2024-11-21 | 8.8 High |
| A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. | ||||
| CVE-2018-10927 | 4 Debian, Gluster, Opensuse and 1 more | 7 Debian Linux, Glusterfs, Leap and 4 more | 2024-11-21 | 8.1 High |
| A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. | ||||
| CVE-2018-10926 | 4 Debian, Gluster, Opensuse and 1 more | 7 Debian Linux, Glusterfs, Leap and 4 more | 2024-11-21 | 8.8 High |
| A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. | ||||
| CVE-2018-10923 | 4 Debian, Gluster, Opensuse and 1 more | 7 Debian Linux, Glusterfs, Leap and 4 more | 2024-11-21 | 8.1 High |
| It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node. | ||||
| CVE-2018-10922 | 1 Ttembed Project | 1 Ttembed | 2024-11-21 | N/A |
| An input validation flaw exists in ttembed. With a crafted input file, an attacker may be able to trigger a denial of service condition due to ttembed trusting attacker controlled values. | ||||
| CVE-2018-10921 | 1 Ttembed Project | 1 Ttembed | 2024-11-21 | N/A |
| Certain input files may trigger an integer overflow in ttembed input file processing. This overflow could potentially lead to corruption of the input file due to a lack of checking return codes of fgetc/fputc function calls. | ||||
| CVE-2018-10920 | 1 Nic | 1 Knot Resolver | 2024-11-21 | 6.8 Medium |
| Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. | ||||
| CVE-2018-10919 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-11-21 | N/A |
| The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. | ||||
| CVE-2018-10916 | 4 Canonical, Lftp Project, Opensuse and 1 more | 4 Ubuntu Linux, Lftp, Leap and 1 more | 2024-11-21 | N/A |
| It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system. | ||||