| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2018-15000 | The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:us... | | |
| CVE-2018-15001 | The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:us... | E | |
| CVE-2018-15002 | The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/relea... | | |
| CVE-2018-15003 | The Coolpad Defiant (Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys) and the T-Mob... | E | |
| CVE-2018-15004 | The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:u... | E | |
| CVE-2018-15005 | The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/201703... | E | |
| CVE-2018-15006 | The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/201703... | E | |
| CVE-2018-15007 | The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601... | E | |
| CVE-2018-15120 | libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attack... | E S | |
| CVE-2018-15121 | An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. Affected packages do not use or... | | |
| CVE-2018-15122 | An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.... | | |
| CVE-2018-15123 | Insecure configuration storage in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Ver... | | |
| CVE-2018-15124 | Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -11... | | |
| CVE-2018-15125 | Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get ... | | |
| CVE-2018-15126 | LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerabi... | | |
| CVE-2018-15127 | LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulne... | | |
| CVE-2018-15128 | An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and Pan... | | |
| CVE-2018-15129 | ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&ac=comment&ts=do content paramete... | E | |
| CVE-2018-15130 | ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&ac=create&ts=do groupdesc parameter... | E | |
| CVE-2018-15131 | An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x bef... | E | |
| CVE-2018-15132 | An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.... | E S | |
| CVE-2018-15133 | In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a... | KEV E | |
| CVE-2018-15136 | TitanHQ SpamTitan before 7.01 has Improper input validation. This allows internal attackers to bypas... | E | |
| CVE-2018-15137 | CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, j... | E | |
| CVE-2018-15138 | Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.... | E | |
| CVE-2018-15139 | Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.... | E S | |
| CVE-2018-15140 | Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a rem... | E S | |
| CVE-2018-15141 | Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a rem... | E S | |
| CVE-2018-15142 | Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a rem... | E S | |
| CVE-2018-15143 | Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR bef... | S | |
| CVE-2018-15144 | SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of ... | S | |
| CVE-2018-15145 | Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR befo... | S | |
| CVE-2018-15146 | SQL injection vulnerability in interface/de_identification_forms/find_immunization_popup.php in vers... | E S | |
| CVE-2018-15147 | SQL injection vulnerability in interface/forms_admin/forms_admin.php from library/registry.inc in ve... | E S | |
| CVE-2018-15148 | SQL injection vulnerability in interface/patient_file/encounter/search_code.php in versions of OpenE... | E S | |
| CVE-2018-15149 | SQL injection vulnerability in interface/forms/eye_mag/php/Anything_simple.php from library/forms.in... | E S | |
| CVE-2018-15150 | SQL injection vulnerability in interface/de_identification_forms/de_identification_screen2.php in ve... | E S | |
| CVE-2018-15151 | SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions of ... | E S | |
| CVE-2018-15152 | Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0... | E S | |
| CVE-2018-15153 | OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated a... | E S | |
| CVE-2018-15154 | OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated a... | S | |
| CVE-2018-15155 | OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated a... | S | |
| CVE-2018-15156 | OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated a... | S | |
| CVE-2018-15157 | The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote ... | E | |
| CVE-2018-15158 | The libesedb_page_read_values function in libesedb_page.c in libesedb through 2018-04-01 allows remo... | E | |
| CVE-2018-15159 | The libesedb_page_read_tags function in libesedb_page.c in libesedb through 2018-04-01 allows remote... | E | |
| CVE-2018-15160 | The libesedb_catalog_definition_read function in libesedb_catalog_definition.c in libesedb through 2... | E | |
| CVE-2018-15161 | The libesedb_key_append_data function in libesedb_key.c in libesedb through 2018-04-01 allows remote... | E | |
| CVE-2018-15168 | A SQL Injection vulnerability exists in the Zoho ManageEngine Applications Manager 13 before build 1... | E | |
| CVE-2018-15169 | A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager 13 be... | E | |
| CVE-2018-15172 | TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.... | E | |
| CVE-2018-15173 | Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service... | E | |
| CVE-2018-15174 | XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instr... | E | |
| CVE-2018-15175 | XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5... | E | |
| CVE-2018-15176 | XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSV... | E | |
| CVE-2018-15177 | In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account.... | | |
| CVE-2018-15178 | Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitra... | E | |
| CVE-2018-15180 | qTest Portal in QASymphony qTest Manager 9.0.0 has an Open Redirect via the /portal/loginform redire... | E | |
| CVE-2018-15181 | JioFi 4G Hotspot M2S devices allow attackers to cause a denial of service (secure configuration outa... | E | |
| CVE-2018-15182 | PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields.... | E | |
| CVE-2018-15183 | PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script 2.0.6 has Stored XSS via the Full N... | E | |
| CVE-2018-15184 | PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, ... | E | |
| CVE-2018-15185 | PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a deni... | E | |
| CVE-2018-15186 | PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile... | E | |
| CVE-2018-15187 | PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.... | E | |
| CVE-2018-15188 | PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of serv... | E | |
| CVE-2018-15189 | PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.... | E | |
| CVE-2018-15190 | PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First Name, Last Name, or Address fie... | E | |
| CVE-2018-15191 | PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to cause a denial of service via... | E | |
| CVE-2018-15192 | An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote ... | | |
| CVE-2018-15193 | A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute a... | E | |
| CVE-2018-15197 | An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/AuthManager/... | E | |
| CVE-2018-15198 | An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/User/add.htm... | E | |
| CVE-2018-15199 | AuraCMS 2.3 allows XSS via a Bukutamu -> AddGuestbook action.... | E | |
| CVE-2018-15202 | An issue was discovered in Juunan06 eCommerce through 2018-08-05. There is a CSRF vulnerability in e... | E | |
| CVE-2018-15203 | An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page allows... | E | |
| CVE-2018-15206 | BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf.... | E | |
| CVE-2018-15207 | BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately res... | E | |
| CVE-2018-15208 | BPC SmartVista 2 has Session Fixation via the JSESSIONID parameter.... | E | |
| CVE-2018-15209 | ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a d... | E | |
| CVE-2018-15310 | A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6.3, and 12.1.0-12.1.3 disclose... | | |
| CVE-2018-15311 | When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing spe... | M | |
| CVE-2018-15312 | On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerabili... | | |
| CVE-2018-15313 | On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vuln... | | |
| CVE-2018-15314 | On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vuln... | | |
| CVE-2018-15315 | On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vu... | | |
| CVE-2018-15316 | In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP A... | | |
| CVE-2018-15317 | In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sendin... | M | |
| CVE-2018-15318 | In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives ... | | |
| CVE-2018-15319 | On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual s... | | |
| CVE-2018-15320 | On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of ser... | M | |
| CVE-2018-15321 | When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BI... | M | |
| CVE-2018-15322 | On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-... | M | |
| CVE-2018-15323 | On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic thro... | | |
| CVE-2018-15324 | On BIG-IP APM 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, TMM may restart when processing a specially crafte... | | |
| CVE-2018-15325 | In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may lea... | | |
| CVE-2018-15326 | In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3... | | |
| CVE-2018-15327 | In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated adminis... | | |
| CVE-2018-15328 | On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWor... | | |
| CVE-2018-15329 | On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when au... | | |
| CVE-2018-15330 | On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the infl... | | |
| CVE-2018-15331 | On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to drop g... | | |
| CVE-2018-15332 | The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as ... | | |
| CVE-2018-15333 | On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with ... | | |
| CVE-2018-15334 | A cross-site request forgery (CSRF) vulnerability in the APM webtop 11.2.1 or greater may allow atta... | | |
| CVE-2018-15335 | When APM 13.0.0-13.1.x is deployed as an OAuth Resource Server, APM becomes a client application to ... | | |
| CVE-2018-15336 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15337 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15338 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15339 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15340 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15341 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15342 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15343 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15344 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15345 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15346 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15347 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15348 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15349 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15350 | Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attac... | | |
| CVE-2018-15351 | Denial of service via crafting malicious link and sending it to a privileged user can cause Denial o... | | |
| CVE-2018-15352 | An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware versi... | M | |
| CVE-2018-15353 | A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution... | | |
| CVE-2018-15354 | A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in ... | | |
| CVE-2018-15355 | Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5... | | |
| CVE-2018-15356 | An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmwar... | M | |
| CVE-2018-15357 | An authenticated attacker with low privileges can extract password hash information for all users in... | M | |
| CVE-2018-15358 | An authenticated attacker with low privileges can activate high privileged user and use it to expand... | | |
| CVE-2018-15359 | An authenticated attacker with low privileges can use insecure sudo configuration to expand attack s... | M | |
| CVE-2018-15360 | An attacker without authentication can login with default credentials for privileged users in Eltex ... | M | |
| CVE-2018-15361 | UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentiall... | | |
| CVE-2018-15362 | XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0... | M | |
| CVE-2018-15363 | An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) pro... | | |
| CVE-2018-15364 | A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Mic... | M | |
| CVE-2018-15365 | A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 an... | E M | |
| CVE-2018-15366 | A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation vulnerability in Trend Micro Antivir... | | |
| CVE-2018-15367 | A ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro... | | |
| CVE-2018-15368 | Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability | | |
| CVE-2018-15369 | Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability | | |
| CVE-2018-15370 | Cisco Catalyst 6800 Series Switches ROM Monitor Software Secure Boot Bypass Vulnerability | | |
| CVE-2018-15371 | Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability | | |
| CVE-2018-15372 | Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerability | | |
| CVE-2018-15373 | Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability | | |
| CVE-2018-15374 | Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability | | |
| CVE-2018-15375 | Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities | | |
| CVE-2018-15376 | Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities | | |
| CVE-2018-15377 | Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability | | |
| CVE-2018-15378 | Clam AntiVirus unmew11() Denial of Service Vulnerability | S | |
| CVE-2018-15379 | Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability | E | |
| CVE-2018-15380 | Cisco HyperFlex Software Command Injection Vulnerability | | |
| CVE-2018-15381 | Cisco Unity Express Arbitrary Command Execution Vulnerability | | |
| CVE-2018-15382 | Cisco HyperFlex Software Static Signing Key Vulnerability | | |
| CVE-2018-15383 | Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability | | |
| CVE-2018-15386 | Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability | | |
| CVE-2018-15387 | Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability | | |
| CVE-2018-15388 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability | | |
| CVE-2018-15389 | Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability | | |
| CVE-2018-15390 | Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability | | |
| CVE-2018-15391 | Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability | | |
| CVE-2018-15392 | Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability | | |
| CVE-2018-15393 | Cisco Content Security Management Appliance (SMA) Cross-Site Scripting Vulnerability | | |
| CVE-2018-15394 | Cisco Stealthwatch Management Console Authentication Bypass Vulnerability | | |
| CVE-2018-15395 | Cisco Wireless LAN Controller Software Privilege Escalation Vulnerability | | |
| CVE-2018-15396 | Cisco Unity Connection File Upload Denial of Service Vulnerability | | |
| CVE-2018-15397 | Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability | | |
| CVE-2018-15398 | Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability | | |
| CVE-2018-15399 | Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability | | |
| CVE-2018-15400 | Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability | | |
| CVE-2018-15401 | Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability | | |
| CVE-2018-15402 | Cisco Enterprise NFV Infrastructure Software Cross-Site Request Forgery Vulnerability | | |
| CVE-2018-15403 | Multiple Cisco Unified Communications Products Open Redirect Vulnerability | | |
| CVE-2018-15404 | Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources Denial of Service Vulnerability | | |
| CVE-2018-15405 | Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability | | |
| CVE-2018-15406 | Cisco UCS Director Stored Cross-Site Scripting Vulnerability | | |
| CVE-2018-15407 | Cisco HyperFlex World-Readable Sensitive Information Vulnerability | | |
| CVE-2018-15408 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15409 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15410 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15411 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15412 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15413 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15414 | Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15415 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15416 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15417 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15418 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15419 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15420 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15421 | Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15422 | Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15423 | Cisco HyperFlex UI Clickjacking Vulnerability | | |
| CVE-2018-15424 | Multiple Vulnerabilities in Cisco Identity Services Engine | | |
| CVE-2018-15425 | Multiple Vulnerabilities in Cisco Identity Services Engine | | |
| CVE-2018-15426 | Cisco Unity Connection Stored Cross-Site Scripting Vulnerability | | |
| CVE-2018-15427 | Cisco Video Surveillance Manager Appliance Default Password Vulnerability | | |
| CVE-2018-15428 | Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability | | |
| CVE-2018-15429 | Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability | | |
| CVE-2018-15430 | Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability | | |
| CVE-2018-15431 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities | | |
| CVE-2018-15432 | Cisco Prime Infrastructure Information Disclosure Vulnerability | | |
| CVE-2018-15433 | Cisco Prime Infrastructure Information Disclosure Vulnerability | | |
| CVE-2018-15434 | Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability | | |
| CVE-2018-15435 | Cisco SocialMiner Cross-Site Scripting Vulnerability | | |
| CVE-2018-15436 | Cisco Webex Centers Cross-Site Scripting Vulnerability | | |
| CVE-2018-15437 | Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability | E | |
| CVE-2018-15438 | Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability | | |
| CVE-2018-15439 | Cisco Small Business Switches Privileged Access Vulnerability | | |
| CVE-2018-15440 | Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities | | |
| CVE-2018-15441 | Cisco Prime License Manager SQL Injection Vulnerability | | |
| CVE-2018-15442 | Cisco Webex Meetings Desktop App Update Service Command Injection Vulnerability | E | |
| CVE-2018-15443 | Cisco Firepower Detection Engine TCP Intrusion Prevention System Rule Bypass Vulnerability | | |
| CVE-2018-15444 | Cisco Energy Management Suite XML External Entity Vulnerability | E M | |
| CVE-2018-15445 | Cisco Energy Management Suite Cross-Site Request Forgery Vulnerability | E | |
| CVE-2018-15446 | Cisco Meeting Server Information Disclosure Vulnerability | | |
| CVE-2018-15447 | Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability | | |
| CVE-2018-15448 | Cisco Registered Envelope Service Information Disclosure Vulnerability | | |
| CVE-2018-15449 | Cisco Video Surveillance Media Server Denial of Service Vulnerability | | |
| CVE-2018-15450 | Cisco Prime Collaboration Assurance File Overwrite Vulnerability | | |
| CVE-2018-15451 | Cisco Prime Service Catalog Cross-Site Scripting Vulnerability | | |
| CVE-2018-15452 | Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability | | |
| CVE-2018-15453 | Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability | | |
| CVE-2018-15454 | Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability | M | |
| CVE-2018-15455 | Cisco Identity Services Engine Logging Cross-Site Scripting Vulnerability | | |
| CVE-2018-15456 | Cisco Identity Services Engine Password Recovery Vulnerability | | |
| CVE-2018-15457 | Cisco Prime Infrastructure Cross-Site Scripting Vulnerability | | |
| CVE-2018-15458 | Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability | | |
| CVE-2018-15459 | Cisco Identity Services Engine Privilege Escalation Vulnerability | | |
| CVE-2018-15460 | Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability | | |
| CVE-2018-15461 | Cisco Webex Business Suite Cross-Site Scripting Vulnerability | | |
| CVE-2018-15462 | Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability | | |
| CVE-2018-15463 | Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities | | |
| CVE-2018-15464 | Cisco ASR 900 Series Aggregation Services Router Software Denial of Service Vulnerability | | |
| CVE-2018-15465 | Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability | E | |
| CVE-2018-15466 | Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability | | |
| CVE-2018-15467 | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability | | |
| CVE-2018-15468 | An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features,... | | |
| CVE-2018-15469 | An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either... | S | |
| CVE-2018-15470 | An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended ... | | |
| CVE-2018-15471 | An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux ke... | | |
| CVE-2018-15472 | An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2... | | |
| CVE-2018-15473 | OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an ... | E S | |
| CVE-2018-15474 | CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php... | E | |
| CVE-2018-15476 | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Swit... | | |
| CVE-2018-15477 | myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that... | | |
| CVE-2018-15478 | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Swit... | | |
| CVE-2018-15479 | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Swit... | | |
| CVE-2018-15480 | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Swit... | | |
| CVE-2018-15481 | Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance ... | | |
| CVE-2018-15482 | Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT applicatio... | | |
| CVE-2018-15483 | An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Denial of Service can o... | | |
| CVE-2018-15484 | An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote ... | | |
| CVE-2018-15485 | An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. FTP does not require au... | | |
| CVE-2018-15486 | An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Local F... | E | |
| CVE-2018-15490 | An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service wit... | | |
| CVE-2018-15491 | A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and ... | | |
| CVE-2018-15492 | A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in ... | M | |
| CVE-2018-15493 | vBulletin 5.4.3 has an Open Redirect.... | S | |
| CVE-2018-15494 | In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.... | | |
| CVE-2018-15495 | /filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF ... | E | |
| CVE-2018-15497 | The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet han... | E | |
| CVE-2018-15498 | YSoft SafeQ Server 6 allows a replay attack.... | E | |
| CVE-2018-15499 | GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of... | E | |
| CVE-2018-15501 | In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote atta... | E S | |
| CVE-2018-15502 | Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to down... | | |
| CVE-2018-15503 | The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the deserialization p... | S | |
| CVE-2018-15504 | An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishan... | E S | |
| CVE-2018-15505 | An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST requ... | E S | |
| CVE-2018-15506 | In BubbleUPnP 0.9 update 30, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an ... | | |
| CVE-2018-15508 | Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a... | E | |
| CVE-2018-15509 | Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).... | E | |
| CVE-2018-15510 | Cross-site scripting (XSS) vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 ... | | |
| CVE-2018-15511 | Cross-site scripting (XSS) vulnerability in the 'Notification template' feature of totemomail 6.0.0 ... | | |
| CVE-2018-15512 | Cross-site scripting (XSS) vulnerability in the 'Authorisation Service' feature of totemomail 6.0.0 ... | | |
| CVE-2018-15513 | Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by lev... | | |
| CVE-2018-15514 | HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-wi... | E | |
| CVE-2018-15515 | The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Troj... | E | |
| CVE-2018-15516 | The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to ... | E | |
| CVE-2018-15517 | The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to chec... | E | |
| CVE-2018-15518 | QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially cra... | S | |
| CVE-2018-15519 | Various Lexmark devices have a Buffer Overflow (issue 1 of 2).... | | |
| CVE-2018-15520 | Various Lexmark devices have a Buffer Overflow (issue 2 of 2).... | | |
| CVE-2018-15528 | Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT.... | E | |
| CVE-2018-15529 | A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5... | | |
| CVE-2018-15530 | Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent... | E | |
| CVE-2018-15531 | JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrappe... | S | |
| CVE-2018-15532 | SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive inf... | | |
| CVE-2018-15533 | A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 ... | E | |
| CVE-2018-15534 | Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive ... | E | |
| CVE-2018-15535 | /filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to c... | E | |
| CVE-2018-15536 | /filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 does not properly valida... | E | |
| CVE-2018-15537 | Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privil... | | |
| CVE-2018-15538 | Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities.... | | |
| CVE-2018-15539 | Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an attacker is able to change API to... | | |
| CVE-2018-15540 | Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an at... | E | |
| CVE-2018-15542 | An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode f... | | |
| CVE-2018-15543 | An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Fingerprin... | | |
| CVE-2018-15546 | Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a cr... | | |
| CVE-2018-15552 | The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum Lottery, ... | E | |
| CVE-2018-15553 | fileshare.cmd on Telus Actiontec T2200H T2200H-31.128L.03 devices allows OS Command Injection via sh... | | |
| CVE-2018-15555 | On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with th... | | |
| CVE-2018-15556 | The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level ac... | E | |
| CVE-2018-15557 | An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devi... | E | |
| CVE-2018-15559 | The editor in Xiuno BBS 4.0.4 allows stored XSS.... | E | |
| CVE-2018-15560 | PyCryptodome before 3.6.6 has an integer overflow in the data_len variable in AESNI.c, related to th... | E | |
| CVE-2018-15562 | CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php.... | E | |
| CVE-2018-15563 | _core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.... | | |
| CVE-2018-15564 | An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability... | | |
| CVE-2018-15565 | An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not re... | E | |
| CVE-2018-15566 | tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter.... | E | |
| CVE-2018-15567 | CMSUno before 1.5.3 has XSS via the title field.... | | |
| CVE-2018-15568 | tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html.... | | |
| CVE-2018-15569 | my little forum 2.4.12 allows CSRF for deletion of users.... | | |
| CVE-2018-15570 | In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname paramet... | | |
| CVE-2018-15571 | The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.... | E | |
| CVE-2018-15572 | The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4... | S | |
| CVE-2018-15573 | An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web ... | E | |
| CVE-2018-15574 | An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It i... | E | |
| CVE-2018-15576 | An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call t... | E | |
| CVE-2018-15580 | Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 al... | S | |
| CVE-2018-15581 | Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 ... | S | |
| CVE-2018-15582 | Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_b... | S | |
| CVE-2018-15583 | Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote... | S | |
| CVE-2018-15584 | Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_u... | S | |
| CVE-2018-15585 | Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote... | S | |
| CVE-2018-15586 | Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a... | E | |
| CVE-2018-15587 | GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages u... | E | |
| CVE-2018-15588 | MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.... | | |
| CVE-2018-15590 | An issue was discovered in Ivanti Workspace Control before 10.3.0.0 and RES One Workspace, when file... | | |
| CVE-2018-15591 | An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local ... | E | |
| CVE-2018-15592 | An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local ... | E | |
| CVE-2018-15593 | An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local ... | | |
| CVE-2018-15594 | arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, whic... | S | |
| CVE-2018-15596 | An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication... | E | |
| CVE-2018-15598 | Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if a... | | |
| CVE-2018-15599 | The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user ... | | |
| CVE-2018-15601 | apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in... | S | |
| CVE-2018-15602 | Zyxel VMG3312 B10B devices are affected by a persistent XSS vulnerability via the pages/connectionSt... | | |
| CVE-2018-15603 | An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "... | | |
| CVE-2018-15605 | An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been fo... | S | |
| CVE-2018-15606 | An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, rel... | | |
| CVE-2018-15607 | In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x3... | E | |
| CVE-2018-15608 | Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Techn... | E | |
| CVE-2018-15610 | Improper access controls in IP Office one-X Portal | | |
| CVE-2018-15611 | Communication Manager Local Administrator PrivEsc | | |
| CVE-2018-15612 | Orchestration Designer Runtime Config CSRF | S | |
| CVE-2018-15613 | Orchestration Designer Runtime Config XSS | S | |
| CVE-2018-15614 | IP Office one-X Portal XSS | | |
| CVE-2018-15615 | CMS Supervisor Information Disclosure | | |
| CVE-2018-15616 | System Platform Web UI Deserialization | E | |
| CVE-2018-15617 | Communication Manager Denial of Service | | |
| CVE-2018-15618 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15619 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15620 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15621 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15622 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15623 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15624 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15625 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15626 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15627 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15628 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15629 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15630 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15631 | Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 1... | S | |
| CVE-2018-15632 | Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Ent... | S | |
| CVE-2018-15633 | Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo En... | S | |
| CVE-2018-15634 | Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odo... | S | |
| CVE-2018-15635 | Cross-site scripting vulnerability in the Discuss App of Odoo Community 12.0 and earlier, and Odoo E... | | |
| CVE-2018-15636 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15637 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15638 | Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterpri... | S | |
| CVE-2018-15639 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15640 | Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote authe... | S | |
| CVE-2018-15641 | Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterpri... | S | |
| CVE-2018-15642 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15643 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15644 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15645 | Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12... | S | |
| CVE-2018-15646 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15647 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15648 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15649 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15650 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15651 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15652 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15653 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15654 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2018-15655 | An issue was discovered in 42Gears SureMDM before 2018-11-27, related to CORS settings. Cross-origin... | E | |
| CVE-2018-15656 | An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An at... | E | |
| CVE-2018-15657 | An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.a... | E | |
| CVE-2018-15658 | An issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console... | E | |
| CVE-2018-15659 | An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silve... | E | |
| CVE-2018-15660 | An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. I... | E | |
| CVE-2018-15661 | An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. I... | | |
| CVE-2018-15664 | In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to... | E | |
| CVE-2018-15665 | An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.2.x through 1.4.0. Unauthenticat... | | |
| CVE-2018-15667 | An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL... | | |
| CVE-2018-15668 | An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL... | | |
| CVE-2018-15669 | An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements ... | | |
| CVE-2018-15670 | An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements ... | | |
| CVE-2018-15671 | An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detecte... | E | |
| CVE-2018-15672 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11207. Reason: This candida... | R | |
| CVE-2018-15676 | An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass... | E | |
| CVE-2018-15677 | The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a... | E S | |
| CVE-2018-15678 | An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at... | E S | |
| CVE-2018-15679 | An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function avai... | E S | |
| CVE-2018-15680 | An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table... | E M | |
| CVE-2018-15681 | An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed... | E M | |
| CVE-2018-15682 | An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site request forgery protection, it... | E | |
| CVE-2018-15683 | An issue was discovered in BTITeam XBTIT. The "returnto" parameter of the login page is vulnerable t... | E | |
| CVE-2018-15684 | An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory (/include/l... | E M | |
| CVE-2018-15685 | GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elemen... | E M | |
| CVE-2018-15686 | systemd: reexec state injection: fgets() on overlong lines leads to line splitting | E S | |
| CVE-2018-15687 | systemd: chown_one() can dereference symlinks | E S | |
| CVE-2018-15688 | Out-of-Bounds write in systemd-networkd dhcpv6 option handling | S | |
| CVE-2018-15689 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15690 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15691 | Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and ... | E S | |
| CVE-2018-15692 | Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization by... | | |
| CVE-2018-15693 | Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization by... | E | |
| CVE-2018-15694 | ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload f... | E | |
| CVE-2018-15695 | ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete a... | E | |
| CVE-2018-15696 | ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to enumerat... | E | |
| CVE-2018-15697 | ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any... | E | |
| CVE-2018-15698 | ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any... | E | |
| CVE-2018-15699 | ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a configuration file that is vulnerabl... | E | |
| CVE-2018-15700 | The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when... | | |
| CVE-2018-15701 | The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when... | | |
| CVE-2018-15702 | The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to insufficient... | | |
| CVE-2018-15703 | Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflected cross site scripting vulnera... | E | |
| CVE-2018-15704 | Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote... | E | |
| CVE-2018-15705 | WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to writ... | E | |
| CVE-2018-15706 | WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read... | E | |
| CVE-2018-15707 | Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp pag... | E | |
| CVE-2018-15708 | Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands ... | E | |
| CVE-2018-15709 | Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted HT... | E | |
| CVE-2018-15710 | Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover... | E | |
| CVE-2018-15711 | Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more pr... | E | |
| CVE-2018-15712 | Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the ... | E | |
| CVE-2018-15713 | Nagios XI 5.5.6 allows persistent cross site scripting from remote authenticated attackers via the s... | E | |
| CVE-2018-15714 | Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the ... | E | |
| CVE-2018-15715 | Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and... | E | |
| CVE-2018-15716 | NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can... | E | |
| CVE-2018-15717 | Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.... | | |
| CVE-2018-15718 | Open Dental before version 18.4 transmits the entire user database over the network when a remote un... | | |
| CVE-2018-15719 | Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root"... | | |
| CVE-2018-15720 | Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server th... | E | |
| CVE-2018-15721 | The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypa... | E | |
| CVE-2018-15722 | The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time ... | | |
| CVE-2018-15723 | The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injectio... | E | |
| CVE-2018-15726 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerabili... | | |
| CVE-2018-15727 | Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an ... | S | |
| CVE-2018-15728 | Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or ... | E | |
| CVE-2018-15729 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Den... | E | |
| CVE-2018-15730 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Den... | E | |
| CVE-2018-15731 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Den... | E | |
| CVE-2018-15732 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Ar... | E | |
| CVE-2018-15733 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a NUL... | E | |
| CVE-2018-15734 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Ar... | E | |
| CVE-2018-15735 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Ar... | E | |
| CVE-2018-15736 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Den... | E | |
| CVE-2018-15737 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Den... | E | |
| CVE-2018-15738 | An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Ar... | E | |
| CVE-2018-15740 | Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles" screen... | E | |
| CVE-2018-15745 | Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Di... | E | |
| CVE-2018-15746 | qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) b... | S | |
| CVE-2018-15747 | The default configuration of glot-www through 2018-05-19 allows remote attackers to execute arbitrar... | E | |
| CVE-2018-15748 | On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, a... | E | |
| CVE-2018-15749 | The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.... | | |
| CVE-2018-15750 | Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before ... | | |
| CVE-2018-15751 | SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authent... | | |
| CVE-2018-15752 | An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Cl... | E | |
| CVE-2018-15753 | An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Th... | E | |
| CVE-2018-15754 | UAA can issue tokens across identity providers if users with matching usernames exist | M | |
| CVE-2018-15755 | CF networking internal policy server SQL injection | | |
| CVE-2018-15756 | DoS Attack via Range Requests | S | |
| CVE-2018-15757 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2018-15758 | Privilege Escalation in spring-security-oauth2 | M | |
| CVE-2018-15759 | On Demand Services SDK Timing Attack Vulnerability | | |
| CVE-2018-15760 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15761 | UAA Privilege Escalation | | |
| CVE-2018-15762 | Pivotal Operations Manager gives all users heightened privileges | | |
| CVE-2018-15763 | PKS leaks IaaS Credentials to Application Logs | | |
| CVE-2018-15764 | Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability du... | | |
| CVE-2018-15765 | Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vuln... | | |
| CVE-2018-15766 | Dell Encryption and Dell Endpoint Security Suite Enterprise Security Policy Overwrite Vulnerability | M | |
| CVE-2018-15767 | Improper Authorization Vulnerability | E M | |
| CVE-2018-15768 | Insecure MySQL Configuration Vulnerability | E M | |
| CVE-2018-15769 | RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6... | S | |
| CVE-2018-15770 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15771 | Dell EMC RecoverPoint Information Disclosure Vulnerability | | |
| CVE-2018-15772 | Dell EMC RecoverPoint Uncontrolled Resource Consumption Vulnerability | | |
| CVE-2018-15773 | Dell Encryption Enterprise \ Dell Data Protection Encryption Information Disclosure Vulnerability | S | |
| CVE-2018-15774 | iDRAC7/iDRAC8/iDRAC9 - Privilege Escalation Vulnerability | | |
| CVE-2018-15775 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15776 | iDRAC7, iDRAC8 - Improper Error Handling | | |
| CVE-2018-15777 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15778 | DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability | | |
| CVE-2018-15779 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15780 | DSA-2018-224: RSA Archer GRC Platform Improper Access Control Vulnerability | | |
| CVE-2018-15781 | DSA-2019-022: Dell Wyse Password Encoder Hard-coded Cryptographic Key Vulnerability | S | |
| CVE-2018-15782 | DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability | | |
| CVE-2018-15783 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15784 | DSA-2019-001: Dell Networking OS10 Improper Certificate Validation Vulnerability | | |
| CVE-2018-15785 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15786 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15787 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15788 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15789 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15790 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15791 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15792 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15793 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15794 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15795 | CredHub Service Broker uses guessable client secret | M | |
| CVE-2018-15796 | Signing Key Extraction in Bits Service Release | | |
| CVE-2018-15797 | NFS Volume release errand leaks cf admin credentials in logs | | |
| CVE-2018-15798 | Pivotal Concourse allows malicious redirect urls on login | | |
| CVE-2018-15799 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15800 | Timing attack allows extraction of signing key in Bits Service | M | |
| CVE-2018-15801 | Authorization Bypass During JWT Issuer Validation with spring-security | | |
| CVE-2018-15802 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15803 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2018-15804 | An issue was discovered in the MapR File System in MapR Converged Data Platform and MapR-XD 6.x and ... | | |
| CVE-2018-15805 | Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerabil... | | |
| CVE-2018-15807 | POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be acce... | | |
| CVE-2018-15808 | POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "r... | | |
| CVE-2018-15809 | AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files wit... | | |
| CVE-2018-15810 | Visiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it... | | |
| CVE-2018-15811 | DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.... | KEV E | |
| CVE-2018-15812 | DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting ... | E | |
| CVE-2018-15813 | FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via... | E | |
| CVE-2018-15814 | FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000001cb509 via... | E | |
| CVE-2018-15815 | FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+... | E | |
| CVE-2018-15816 | FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+... | E | |
| CVE-2018-15817 | FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+... | E | |
| CVE-2018-15818 | An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on... | E | |
| CVE-2018-15819 | EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js.... | E | |
| CVE-2018-15820 | EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GDN parameter.... | E | |
| CVE-2018-15822 | The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an em... | S | |
| CVE-2018-15832 | upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbi... | E | |
| CVE-2018-15833 | In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) vi... | | |
| CVE-2018-15834 | In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_function... | E S | |
| CVE-2018-15835 | Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983.... | E | |
| CVE-2018-15836 | In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implemen... | S | |
| CVE-2018-15839 | D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.... | E | |
| CVE-2018-15840 | TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) vi... | E | |
| CVE-2018-15842 | WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter.... | | |
| CVE-2018-15843 | GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field.... | | |
| CVE-2018-15844 | An issue was discovered in DamiCMS 6.0.0. There is an CSRF vulnerability that can revise the adminis... | E | |
| CVE-2018-15845 | There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/use... | E | |
| CVE-2018-15846 | An issue was discovered in fledrCMS through 2014-02-03. There is a CSRF vulnerability that can chang... | | |
| CVE-2018-15847 | An issue was discovered in puppyCMS 5.1. There is an XSS vulnerability via menu.php in the "Add Page... | | |
| CVE-2018-15848 | An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio... | | |
| CVE-2018-15849 | An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admi... | | |
| CVE-2018-15850 | An issue was discovered in REDAXO CMS 4.7.2. There is a CSRF vulnerability that can add an administr... | | |
| CVE-2018-15851 | An issue was discovered in Flexo CMS v0.1.6. There is a CSRF vulnerability that can add an administr... | | |
| CVE-2018-15852 | Technicolor TC7200.20 devices allow remote attackers to cause a denial of service (networking outage... | E | |
| CVE-2018-15853 | Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could b... | S | |
| CVE-2018-15854 | Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NU... | S | |
| CVE-2018-15855 | Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NU... | S | |
| CVE-2018-15856 | An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbco... | S | |
| CVE-2018-15857 | An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could ... | S | |
| CVE-2018-15858 | Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keyc... | S | |
| CVE-2018-15859 | Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbco... | S | |
| CVE-2018-15861 | Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be ... | S | |
| CVE-2018-15862 | Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be u... | S | |
| CVE-2018-15863 | Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8... | S | |
| CVE-2018-15864 | Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could b... | S | |
| CVE-2018-15865 | The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability.... | | |
| CVE-2018-15868 | SQL injection vulnerability in ChronoScan version 1.5.4.3 and earlier allows an unauthenticated atta... | E | |
| CVE-2018-15869 | An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images... | | |
| CVE-2018-15870 | An invalid memory address dereference was discovered in decompileGETVARIABLE in libming 0.4.8 before... | E S | |
| CVE-2018-15871 | An invalid memory address dereference was discovered in decompileSingleArgBuiltInFunctionCall in lib... | E S | |
| CVE-2018-15873 | A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.... | E | |
| CVE-2018-15874 | Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to injec... | | |
| CVE-2018-15875 | Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject ... | | |
| CVE-2018-15876 | An issue was discovered in the ajax-bootmodal-login plugin 1.4.3 for WordPress. The register form, l... | | |
| CVE-2018-15877 | The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command inje... | E | |
| CVE-2018-15878 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate... | R | |
| CVE-2018-15879 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate... | R | |
| CVE-2018-15880 | An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile pa... | | |
| CVE-2018-15881 | An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can le... | | |
| CVE-2018-15882 | An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could a... | | |
| CVE-2018-15884 | RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi en... | E | |
| CVE-2018-15885 | Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video r... | E | |
| CVE-2018-15886 | Monstra CMS 3.0.4 does not properly restrict modified Snippet content, as demonstrated by the admin/... | E | |
| CVE-2018-15887 | Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command E... | E | |
| CVE-2018-15888 | An issue was discovered in ASPCMS 2.5.6. When registering ordinary users in the addUser function of ... | E | |
| CVE-2018-15889 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-5783. Reason: This candidate... | R | |
| CVE-2018-15890 | An issue was discovered in EthereumJ 1.8.2. There is Unsafe Deserialization in ois.readObject in min... | E | |
| CVE-2018-15891 | An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a... | | |
| CVE-2018-15892 | FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.... | | |
| CVE-2018-15893 | A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index... | E | |
| CVE-2018-15894 | A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via th... | E | |
| CVE-2018-15895 | An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/sp... | E S | |
| CVE-2018-15896 | PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name.... | E | |
| CVE-2018-15897 | PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service vi... | E | |
| CVE-2018-15898 | The Subsonic Music Streamer application 4.4 for Android has Improper Certificate Validation of the S... | | |
| CVE-2018-15899 | An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability.... | E | |
| CVE-2018-15901 | e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of us... | E | |
| CVE-2018-15903 | The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to stored Cross Site Scripting (XSS). A... | E | |
| CVE-2018-15904 | A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.... | M | |
| CVE-2018-15906 | SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by l... | E | |
| CVE-2018-15907 | Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (netw... | E | |
| CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript fil... | | |
| CVE-2018-15909 | In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be ... | S | |
| CVE-2018-15910 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a ty... | S | |
| CVE-2018-15911 | In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use... | S | |
| CVE-2018-15912 | An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A... | E S | |
| CVE-2018-15913 | An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager... | | |
| CVE-2018-15917 | Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitr... | E | |
| CVE-2018-15918 | An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the applicatio... | E | |
| CVE-2018-15919 | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attacker... | S | |
| CVE-2018-15920 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15921 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15922 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15923 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15924 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15925 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15926 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15927 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15928 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15929 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15930 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15931 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15932 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15933 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15934 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | S | |
| CVE-2018-15935 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15936 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15937 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15938 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15939 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15940 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15941 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15942 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15943 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15944 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15945 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15946 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15947 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15948 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15949 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15950 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15951 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15952 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15953 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15954 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15955 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15956 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15957 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15958 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15959 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15960 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15961 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | KEV E | |
| CVE-2018-15962 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15963 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15964 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15965 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and... | | |
| CVE-2018-15966 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15967 | Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Succes... | | |
| CVE-2018-15968 | Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.0... | | |
| CVE-2018-15969 | Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vul... | S | |
| CVE-2018-15970 | Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting ... | S | |
| CVE-2018-15971 | Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting ... | S | |
| CVE-2018-15972 | Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vul... | S | |
| CVE-2018-15973 | Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vul... | S | |
| CVE-2018-15974 | Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnera... | S | |
| CVE-2018-15975 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15976 | Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dl... | S | |
| CVE-2018-15977 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2018-15978 | Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful ex... | S | |
| CVE-2018-15979 | Adobe Acrobat and Reader versions 2019.008.20080 and earlier, 2017.011.30105 and earlier, and 2015.0... | S | |
| CVE-2018-15980 | Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds read vulnerability. Successful ... | S | |
| CVE-2018-15981 | Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploit... | | |
| CVE-2018-15982 | Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulne... | KEV E S | |
| CVE-2018-15983 | Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library lo... | S | |
| CVE-2018-15984 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15985 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15986 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15987 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15988 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15989 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15990 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15991 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15992 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15993 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15994 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15995 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15996 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15997 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15998 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S | |
| CVE-2018-15999 | Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.2... | S |