Vulnerability_Archives

Records: 18,154

CVE-2018-6333
CRITICAL

The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL co

CVE-2018-6331
CRITICAL

Buck parser-cache command loads/saves state using Java serialized object. If the state information is maliciously crafted, deserializing it could lead

CVE-2018-6347
HIGH

An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12

CVE-2018-6346
HIGH

A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Pro

CVE-2018-6344
HIGH

A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause d

CVE-2018-6343
HIGH

Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certi

CVE-2018-6342
CRITICAL

react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The inp

CVE-2018-6341
MEDIUM

React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of es

CVE-2018-6340
HIGH

The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hos

CVE-2018-6337
HIGH

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children produc

CVE-2018-6336
HIGH

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspe

CVE-2018-6335
HIGH

A malformed h2 frame can cause a 'std::out_of_range' exception when parsing priority metadata. This behavior can lead to denial-of-service. This affect

CVE-2018-6334
CRITICAL

Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before bei

CVE-2018-20623
MEDIUM

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a

CVE-2018-20622
MEDIUM

JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.

CVE-2018-6668
MEDIUM

A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL

CVE-2018-19937
MEDIUM

A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the pho

CVE-2018-18602
CRITICAL

The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.

CVE-2018-18601
HIGH

The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overfl

CVE-2018-18600
HIGH

The remote upgrade feature in Guardzilla GZ180 devices allows command injection via a crafted new firmware version parameter.
