Total
9734 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10718 | 1 Brave | 1 Brave Browser | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service. | |||||
| CVE-2017-5818 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | |||||
| CVE-2018-6298 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Remote code execution in Hanwha Techwin Smartcams | |||||
| CVE-2017-6154 | 1 F5 | 1 Big-ip Application Security Manager | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores. | |||||
| CVE-2018-6782 | 1 Jiangmin | 1 Antivirus | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
| In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A0081DC. | |||||
| CVE-2018-9006 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | |||||
| CVE-2018-0280 | 1 Cisco | 1 Meeting Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this vulnerability by sending a crafted RTP bitstream to an affected Cisco Meeting Server. A successful exploit could allow the attacker to deny audio and video services by causing media process crashes resulting in a DoS condition on the affected product. This vulnerability affects Cisco Meeting Server deployments that are running Cisco Meeting Server Software Releases 2.0, 2.1, 2.2, and 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363. | |||||
| CVE-2018-5474 | 1 Philips | 1 Intellispace Portal | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash. | |||||
| CVE-2018-1321 | 1 Apache | 1 Syncope | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution. | |||||
| CVE-2017-12512 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. | |||||
| CVE-2018-1000023 | 1 Insight.bitpay | 1 Insight-api | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a CWE-20: input validation vulnerability in transaction broadcast endpoint that can result in Full Path Disclosure. This attack appear to be exploitable via Web request. | |||||
| CVE-2018-1002100 | 1 Kubernetes | 1 Kubernetes | 2024-02-28 | 3.6 LOW | 5.5 MEDIUM |
| In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files. | |||||
| CVE-2018-0560 | 1 Hatena | 1 Hatena Bookmark | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display. | |||||
| CVE-2018-7787 | 1 Schneider-electric | 1 U.motion Builder | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request. | |||||
| CVE-2018-0373 | 2 Cisco, Microsoft | 2 Anyconnect Secure Mobility Client, Windows | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious request to the application. A successful exploit could allow the attacker to cause a DoS condition on the affected system. Cisco Bug IDs: CSCvj47654. | |||||
| CVE-2018-9050 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100202d. | |||||
| CVE-2017-9270 | 1 Opensuse | 1 Cryptctl | 2024-02-28 | 8.5 HIGH | 9.1 CRITICAL |
| In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database. | |||||
| CVE-2017-12534 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. | |||||
| CVE-2017-12497 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. | |||||
| CVE-2017-18065 | 1 Google | 1 Android | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vent->vdev_id in wma_action_frame_filter_mac_event_handler(), which is received from firmware, leads to arbitrary code execution. | |||||