Total
11158 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8954 | 1 Ca | 1 Workload Control Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request. | |||||
| CVE-2018-8945 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. | |||||
| CVE-2018-8904 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002000. | |||||
| CVE-2018-8896 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222044. | |||||
| CVE-2018-8895 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. | |||||
| CVE-2018-8894 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222108. | |||||
| CVE-2018-8876 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098. | |||||
| CVE-2018-8875 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x0022209c. | |||||
| CVE-2018-8874 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222054. | |||||
| CVE-2018-8873 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. | |||||
| CVE-2018-8869 | 1 Lantech | 2 Ids 2102, Ids 2102 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2018-8867 | 1 Ge | 16 Pacsystems Cpu320, Pacsystems Cpu320 Firmware, Pacsystems Cru320 and 13 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable. | |||||
| CVE-2018-8850 | 1 Philips | 1 E-alert Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution. | |||||
| CVE-2018-8826 | 1 Asus | 26 Rt-ac1200, Rt-ac1200 Firmware, Rt-ac1750 and 23 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2018-8821 | 1 Jungo | 1 Windriver | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file. | |||||
| CVE-2018-8779 | 3 Canonical, Debian, Ruby-lang | 3 Ubuntu Linux, Debian Linux, Ruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket. | |||||
| CVE-2018-8765 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222018. | |||||
| CVE-2018-8711 | 1 Woocommerce-filter | 1 Woocommerce Products Filter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack. | |||||
| CVE-2018-8635 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. | |||||
| CVE-2018-8612 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | |||||