Total
9737 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8765 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222018. | |||||
CVE-2018-11537 | 1 Auth0 | 1 Angular-jwt | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain. | |||||
CVE-2018-11316 | 1 Sonos | 2 Sonos, Sonos Firmware | 2024-02-28 | 9.3 HIGH | 9.6 CRITICAL |
The UPnP HTTP server on Sonos wireless speaker products allows unauthorized access via a DNS rebinding attack. This can result in remote device control and in privileged device and network information being exfiltrated by an attacker. | |||||
CVE-2018-9004 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | |||||
CVE-2014-2032 | 2 Deadwood Project, Maradns Project | 2 Deadwood, Maradns | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allows remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to missing input validation. | |||||
CVE-2018-11321 | 1 Joomla | 1 Joomla! | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. | |||||
CVE-2017-5449 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | |||||
CVE-2018-6628 | 1 Micropoint | 1 Proactive Defense | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000010c. | |||||
CVE-2017-15699 | 1 Apache | 1 Qpid Dispatch | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause it to segfault and shut down. | |||||
CVE-2018-6626 | 1 Micropoint | 1 Proactive Defense | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000035. | |||||
CVE-2018-6777 | 1 Jiangmin | 1 Antivirus | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220400. | |||||
CVE-2015-9196 | 1 Qualcomm | 8 Fsm9055, Fsm9055 Firmware, Mdm9635m and 5 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation. | |||||
CVE-2017-7833 | 1 Mozilla | 1 Firefox | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57. | |||||
CVE-2018-6201 | 1 Escanav | 1 Anti-virus | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020E0 or 0x830020E4. | |||||
CVE-2016-10501 | 1 Qualcomm | 52 Fsm9055, Fsm9055 Firmware, Mdm9206 and 49 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 835, improper input validation can occur while parsing an image. | |||||
CVE-2016-7472 | 1 F5 | 1 Big-ip Application Security Manager | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request. | |||||
CVE-2017-8972 | 1 Hp | 1 Matrix Operating Environment | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found. | |||||
CVE-2018-9042 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-02-28 | 6.1 MEDIUM | 7.8 HIGH |
In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | |||||
CVE-2018-5763 | 1 Oxid-esales | 1 Eshop | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 and 6.x before 6.0.1. By entering specially crafted URLs, an attacker is able to bring the shop server to a standstill and hence, it stops working. This is only valid if OXID High Performance Option is activated and Varnish is used. | |||||
CVE-2017-12509 | 1 Hp | 1 Intelligent Management Center | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. |