Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-1821 6.4
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo
09-10-2019 - 23:39 13-12-2018 - 16:29
CVE-2018-0494 4.3
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
15-03-2019 - 01:22 06-05-2018 - 22:29
CVE-2018-20166 6.5
A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data
31-01-2019 - 16:33 02-01-2019 - 18:29
CVE-2018-19829 5.8
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
30-01-2019 - 17:16 18-12-2018 - 22:29
CVE-2018-13045 7.5
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.
09-01-2019 - 13:03 02-01-2019 - 18:29
CVE-2018-19933 4.3
Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.
07-01-2019 - 14:44 17-12-2018 - 19:29
CVE-2018-19828 4.3
Artica Integria IMS 5.0.83 has XSS via the search_string parameter.
04-01-2019 - 19:59 17-12-2018 - 19:29
CVE-2007-5365 7.2
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemo
15-10-2018 - 21:44 11-10-2007 - 10:17
Back to Top Mark selected
Back to Top