Search
Search Results (44250 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-21137 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2024-11-21 | 9.8 Critical |
| Certain NETGEAR devices are affected by a hardcoded password. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76. | ||||
| CVE-2018-21095 | 1 Netgear | 4 Srr60, Srr60 Firmware, Srs60 and 1 more | 2024-11-21 | 4.3 Medium |
| Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210. | ||||
| CVE-2018-21030 | 1 Jupyter | 1 Notebook | 2024-11-21 | 5.3 Medium |
| Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document. | ||||
| CVE-2018-21014 | 1 Buddyboss | 1 Buddymoss Media | 2024-11-21 | 5.4 Medium |
| The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS. | ||||
| CVE-2018-21012 | 1 Vsourz | 1 Cf7 Invisible Recaptcha | 2024-11-21 | 6.1 Medium |
| The cf7-invisible-recaptcha plugin before 1.3.2 for WordPress has XSS. | ||||
| CVE-2018-21001 | 1 Bologer | 1 Anycomment | 2024-11-21 | N/A |
| The anycomment plugin before 0.0.33 for WordPress has XSS. | ||||
| CVE-2018-20986 | 1 Advancedcustomfields | 1 Advanced Custom Fields | 2024-11-21 | N/A |
| The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors. | ||||
| CVE-2018-20983 | 1 Meowapps | 1 Wp Retina 2x | 2024-11-21 | N/A |
| The wp-retina-2x plugin before 5.2.3 for WordPress has XSS. | ||||
| CVE-2018-20982 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | N/A |
| The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens. | ||||
| CVE-2018-20978 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | N/A |
| The wp-all-import plugin before 3.4.7 for WordPress has XSS. | ||||
| CVE-2018-20975 | 1 Fatfreecrm | 1 Fat Free Crm | 2024-11-21 | N/A |
| Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb. | ||||
| CVE-2018-20970 | 1 Bestwebsoft | 1 Pdf \& Print | 2024-11-21 | N/A |
| The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues. | ||||
| CVE-2018-20966 | 1 Booster | 1 Booster For Woocommerce | 2024-11-21 | N/A |
| The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. | ||||
| CVE-2018-20965 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 6.1 Medium |
| The ultimate-member plugin before 2.0.4 for WordPress has XSS. | ||||
| CVE-2018-20963 | 1 Codepeople | 1 Contact Form Email | 2024-11-21 | N/A |
| The contact-form-to-email plugin before 1.2.66 for WordPress has XSS. | ||||
| CVE-2018-20962 | 1 Backpackforlaravel | 1 Backpack\\crud | 2024-11-21 | N/A |
| The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type. | ||||
| CVE-2018-20955 | 1 Swann | 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware | 2024-11-21 | N/A |
| Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31. | ||||
| CVE-2018-20953 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389). | ||||
| CVE-2018-20951 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387). | ||||
| CVE-2018-20950 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386). | ||||