Max CVSS | 10.0 | Min CVSS | 2.7 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-19665 | 2.7 |
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
|
14-12-2020 - 20:19 | 06-12-2018 - 23:29 | |
CVE-2018-19626 | 4.3 |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
|
24-08-2020 - 17:37 | 29-11-2018 - 04:29 | |
CVE-2018-11002 | 5.8 |
Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions.
|
24-08-2020 - 17:37 | 29-11-2018 - 16:29 | |
CVE-2018-19625 | 4.3 |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.
|
20-03-2020 - 01:15 | 29-11-2018 - 04:29 | |
CVE-2018-19624 | 4.3 |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.
|
20-03-2020 - 01:15 | 29-11-2018 - 04:29 | |
CVE-2018-19628 | 5.0 |
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
|
20-03-2020 - 01:15 | 29-11-2018 - 04:29 | |
CVE-2018-19622 | 5.0 |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
|
20-03-2020 - 01:15 | 29-11-2018 - 04:29 | |
CVE-2018-19627 | 5.0 |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.
|
20-03-2020 - 01:15 | 29-11-2018 - 04:29 | |
CVE-2018-19623 | 5.0 |
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.
|
20-03-2020 - 01:15 | 29-11-2018 - 04:29 | |
CVE-2018-1762 | 3.5 |
IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality
|
09-10-2019 - 23:39 | 29-11-2018 - 16:29 | |
CVE-2018-15716 | 9.0 |
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
|
09-10-2019 - 23:35 | 30-11-2018 - 20:29 | |
CVE-2018-17156 | 4.3 |
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.qu
|
03-10-2019 - 00:03 | 28-11-2018 - 16:29 | |
CVE-2018-18362 | 4.3 |
Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A c
|
02-01-2019 - 19:32 | 06-12-2018 - 19:29 | |
CVE-2004-0621 | 10.0 |
admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.
|
11-07-2017 - 01:30 | 06-12-2004 - 05:00 |