Total
316927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0574 | 1 Basercms | 1 Basercms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0573 | 1 Basercms | 1 Basercms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction for a content to view a file which is uploaded by a site user via unspecified vectors. | |||||
| CVE-2018-0572 | 1 Basercms | 1 Basercms | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to bypass access restriction to view or alter a restricted content via unspecified vectors. | |||||
| CVE-2018-0571 | 1 Basercms | 1 Basercms | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files. | |||||
| CVE-2018-0570 | 1 Basercms | 1 Basercms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0569 | 1 Basercms | 1 Basercms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-0568 | 1 Sitebridge | 1 Joruri Gw | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors. | |||||
| CVE-2018-0567 | 1 Cybozu | 1 Office | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass access restriction to access and write non-public data via unspecified vectors. | |||||
| CVE-2018-0566 | 1 Cybozu | 1 Office | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors. | |||||
| CVE-2018-0565 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0564 | 1 Lockon | 1 Ec-cube | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3..4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE 3.0.12-p1, EC-CUBE 3.0.13, EC-CUBE 3.0.14, EC-CUBE 3.0.15) allows remote attackers to perform arbitrary operations via unspecified vectors. | |||||
| CVE-2018-0563 | 1 Ntt-east | 2 Flet\'s Virus Clear Easy Setup \& Application Tool, Flet\'s Virus Clear V6 Easy Setup \& Application Tool | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0562 | 1 Coderium | 1 Soundengine | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0561 | 1 Securebrain | 1 Phishwall | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. 3.7.15 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0560 | 1 Hatena | 1 Hatena Bookmark | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display. | |||||
| CVE-2018-0559 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors. | |||||
| CVE-2018-0558 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors. | |||||
| CVE-2018-0557 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors. | |||||
| CVE-2018-0556 | 1 Buffalo | 2 Wzr-1750dhp2, Wzr-1750dhp2 Firmware | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-0555 | 1 Buffalo | 2 Wzr-1750dhp2, Wzr-1750dhp2 Firmware | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file. | |||||