CVE-2018-8xxx

There are 751 CVE in this subgroup.
Last updated: 
← Back to 2018
ID Summary Flags Max Score
CVE-2018-8000 In PoDoFo 0.9.5, there exists a heap-based buffer overflow vulnerability in PoDoFo::PdfTokenizer::Ge...
E
CVE-2018-8001 In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfNa...
CVE-2018-8002 In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete()...
E
CVE-2018-8003 Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an u...
CVE-2018-8004 There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests ...
S
CVE-2018-8005 When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire ...
CVE-2018-8006 An instance of a cross-site scripting vulnerability was identified to be present in the web based ad...
CVE-2018-8007 Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficie...
E
CVE-2018-8008 Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an a...
CVE-2018-8009 Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.2...
E
CVE-2018-8010 This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity e...
M
CVE-2018-8011 mod_md, DoS via Coredumps on specially crafted requests
CVE-2018-8012 No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKee...
S
CVE-2018-8013 In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes ...
S
CVE-2018-8014 The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5....
S
CVE-2018-8015 In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call i...
CVE-2018-8016 The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI in...
CVE-2018-8017 In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaPar...
CVE-2018-8018 In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serialization mechanism does not have a li...
CVE-2018-8019 When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not corre...
M
CVE-2018-8020 Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OC...
CVE-2018-8021 Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize...
E S
CVE-2018-8022 A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This af...
S
CVE-2018-8023 Apache Mesos can be configured to require authentication to call the Executor HTTP API using JSON We...
CVE-2018-8024 In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to con...
M
CVE-2018-8025 CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server whe...
CVE-2018-8026 This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entit...
E
CVE-2018-8027 Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor....
M
CVE-2018-8028 An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache...
CVE-2018-8029 In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can ...
CVE-2018-8030 A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP p...
CVE-2018-8031 The Apache TomEE console (tomee-webapp) has a XSS vulnerability which could allow javascript to be e...
CVE-2018-8032 Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the ...
S
CVE-2018-8033 In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEng...
CVE-2018-8034 The host name verification when using TLS with the WebSocket client was missing. It is now enabled b...
S
CVE-2018-8035 This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascrip...
CVE-2018-8036 In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can tr...
CVE-2018-8037 If an async request was completed by the application at the same time as the container triggered the...
S
CVE-2018-8038 Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) w...
S
CVE-2018-8039 It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProp...
S
CVE-2018-8040 Pages that are rendered using the ESI plugin can have access to the cookie header when the plugin is...
S
CVE-2018-8041 Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path tr...
CVE-2018-8042 Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari ...
CVE-2018-8043 The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15...
S
CVE-2018-8044 K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impa...
CVE-2018-8045 In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a...
CVE-2018-8046 The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS atta...
CVE-2018-8047 vtiger CRM 7.0.1 is affected by one reflected Cross-Site Scripting (XSS) vulnerability affecting ver...
CVE-2018-8048 In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized out...
CVE-2018-8049 The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 3.0.1999, 3.1.x, 3.2.x before 3.2.030...
CVE-2018-8050 The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) through 3.7.16 allows re...
S
CVE-2018-8056 Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channel_name paramet...
E
CVE-2018-8057 A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channel_name or pla...
E
CVE-2018-8058 CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter....
E
CVE-2018-8059 The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain c...
CVE-2018-8060 HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to th...
E
CVE-2018-8061 HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE26...
E
CVE-2018-8062 A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2...
E
CVE-2018-8065 An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user...
CVE-2018-8069 QCMS version 3.0 has XSS via the webname parameter to the /backend/system.html URI....
E
CVE-2018-8070 QCMS version 3.0 has XSS via the title parameter to the /guest/index.html URI....
E
CVE-2018-8071 Mautic before v2.13.0 has stored XSS via a theme config file....
CVE-2018-8072 An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC throug...
E S
CVE-2018-8073 Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA code via a variant of the CVE...
CVE-2018-8074 Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant o...
CVE-2018-8076 ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc...
CVE-2018-8078 YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html....
E
CVE-2018-8086 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2018-8087 Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux...
S
CVE-2018-8088 org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote att...
S
CVE-2018-8090 Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal ...
CVE-2018-8092 Mautic before 2.13.0 allows CSV injection....
CVE-2018-8096 Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admi...
E S
CVE-2018-8097 io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code...
S
CVE-2018-8098 Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length...
S
CVE-2018-8099 Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in ...
S
CVE-2018-8100 The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial ...
CVE-2018-8101 The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launc...
CVE-2018-8102 The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch...
CVE-2018-8103 The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launc...
CVE-2018-8104 The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of serv...
CVE-2018-8105 The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial o...
CVE-2018-8106 The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch den...
CVE-2018-8107 The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of serv...
CVE-2018-8108 The select component in bui through 2018-03-13 has XSS because it performs an escape operation on al...
E
CVE-2018-8110 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8111 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8112 A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of di...
S
CVE-2018-8113 A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mark o...
S
CVE-2018-8114 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8115 A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) li...
S
CVE-2018-8116 A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Mic...
S
CVE-2018-8117 A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could al...
S
CVE-2018-8118 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8119 A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improp...
S
CVE-2018-8120 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
KEV E S
CVE-2018-8121 An information disclosure vulnerability exists when the Windows kernel improperly initializes object...
S
CVE-2018-8122 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8123 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-8124 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
CVE-2018-8125 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8126 A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Co...
S
CVE-2018-8127 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8128 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8129 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass De...
S
CVE-2018-8130 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8132 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass De...
S
CVE-2018-8133 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-8134 An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permi...
E S
CVE-2018-8136 A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka ...
S
CVE-2018-8137 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8139 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
E S
CVE-2018-8140 An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services ...
S
CVE-2018-8141 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8142 A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "W...
S
CVE-2018-8145 An information disclosure vulnerability exists when Chakra improperly discloses the contents of its ...
E S
CVE-2018-8147 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8148 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8149 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8150 A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter do...
S
CVE-2018-8151 An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in...
S
CVE-2018-8152 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fail...
S
CVE-2018-8153 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to ...
S
CVE-2018-8154 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails ...
S
CVE-2018-8155 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8156 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8157 A remote code execution vulnerability exists in Microsoft Office software when the software fails to...
S
CVE-2018-8158 A remote code execution vulnerability exists in Microsoft Office software when the software fails to...
S
CVE-2018-8159 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fail...
S
CVE-2018-8160 An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft O...
S
CVE-2018-8161 A remote code execution vulnerability exists in Microsoft Office software when the software fails to...
S
CVE-2018-8162 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8163 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the content...
S
CVE-2018-8164 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
S
CVE-2018-8165 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
S
CVE-2018-8166 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
S
CVE-2018-8167 An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver...
S
CVE-2018-8168 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8169 An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library ...
CVE-2018-8170 An elevation of privilege vulnerability exists in the way that the Windows kernel image handles obje...
S
CVE-2018-8171 A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempt...
S
CVE-2018-8172 A remote code execution vulnerability exists in Visual Studio software when the software does not ch...
S
CVE-2018-8173 A remote code execution vulnerability exists in Microsoft InfoPath when the software fails to proper...
S
CVE-2018-8174 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in ...
KEV E S
CVE-2018-8175 An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV ...
S
CVE-2018-8176 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail...
S
CVE-2018-8177 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8178 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me...
S
CVE-2018-8179 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8200 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8201 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8202 An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to el...
S
CVE-2018-8204 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8205 A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Win...
CVE-2018-8206 A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP...
S
CVE-2018-8207 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
CVE-2018-8208 An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly mana...
E S
CVE-2018-8209 An information disclosure vulnerability exists when Windows allows a normal user to access the Wirel...
S
CVE-2018-8210 A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka ...
S
CVE-2018-8211 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8212 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8213 A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka ...
S
CVE-2018-8214 An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly mana...
E S
CVE-2018-8215 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8216 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8217 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8218 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fail...
S
CVE-2018-8219 An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to p...
S
CVE-2018-8221 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8222 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8224 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje...
S
CVE-2018-8225 A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it ...
CVE-2018-8226 A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys imp...
S
CVE-2018-8227 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8229 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-8231 A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles ...
S
CVE-2018-8232 A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka "Micr...
S
CVE-2018-8233 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
S
CVE-2018-8234 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-8235 A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of di...
S
CVE-2018-8236 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8238 A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse...
S
CVE-2018-8239 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
S
CVE-2018-8242 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8243 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8244 An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment h...
S
CVE-2018-8245 A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that...
S
CVE-2018-8246 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the content...
S
CVE-2018-8247 An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Se...
S
CVE-2018-8248 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8249 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8251 A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in...
S
CVE-2018-8252 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8253 An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website brows...
S
CVE-2018-8254 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8256 A remote code execution vulnerability exists when PowerShell improperly handles specially crafted fi...
S
CVE-2018-8260 A Remote Code Execution vulnerability exists in .NET software when the software fails to check the s...
CVE-2018-8261 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2018-8262 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8265 A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially...
S
CVE-2018-8266 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8267 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8269 A denial of service vulnerability exists when OData Library improperly handles web requests, aka "OD...
E S
CVE-2018-8271 An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode dr...
S
CVE-2018-8273 A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code exec...
S
CVE-2018-8274 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8275 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8276 A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows ...
S
CVE-2018-8278 A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "M...
S
CVE-2018-8279 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
E S
CVE-2018-8280 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8281 A remote code execution vulnerability exists in Microsoft Office software when the software fails to...
S
CVE-2018-8282 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails ...
CVE-2018-8283 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8284 A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate inp...
S
CVE-2018-8286 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8287 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
S
CVE-2018-8288 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
E S
CVE-2018-8289 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-8290 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8291 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
E S
CVE-2018-8292 An information disclosure vulnerability exists in .NET Core when authentication information is inadv...
S
CVE-2018-8294 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8296 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8297 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-8298 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
KEV E S
CVE-2018-8299 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8300 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to chec...
S
CVE-2018-8301 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8302 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails ...
S
CVE-2018-8304 A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fail...
S
CVE-2018-8305 An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka ...
CVE-2018-8306 A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the M...
S
CVE-2018-8307 A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OL...
S
CVE-2018-8308 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje...
S
CVE-2018-8309 A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Win...
S
CVE-2018-8310 A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment...
S
CVE-2018-8311 A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail...
CVE-2018-8312 A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects ...
S
CVE-2018-8313 An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permi...
S
CVE-2018-8314 An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape...
S
CVE-2018-8315 An information disclosure vulnerability exists when the browser scripting engine improperly handle o...
S
CVE-2018-8316 A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks ...
S
CVE-2018-8319 A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused...
S
CVE-2018-8320 A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Sec...
S
CVE-2018-8323 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8324 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-8325 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-8326 A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Ac...
S
CVE-2018-8327 A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor S...
S
CVE-2018-8329 An Elevation of Privilege vulnerability exists in Windows Subsystem for Linux when it fails to prope...
S
CVE-2018-8330 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8331 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8332 A remote code execution vulnerability exists when the Windows font library improperly handles specia...
S
CVE-2018-8333 An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects ...
S
CVE-2018-8335 A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacke...
S
CVE-2018-8336 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8337 A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles c...
S
CVE-2018-8339 An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer f...
CVE-2018-8340 A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) imp...
S
CVE-2018-8341 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8342 An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) ...
S
CVE-2018-8343 An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) ...
CVE-2018-8344 A remote code execution vulnerability exists when the Windows font library improperly handles specia...
CVE-2018-8345 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execu...
CVE-2018-8346 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execu...
S
CVE-2018-8347 An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to...
S
CVE-2018-8348 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8349 A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properl...
CVE-2018-8350 A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles o...
S
CVE-2018-8351 An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cro...
S
CVE-2018-8353 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
E S
CVE-2018-8354 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8355 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
E S
CVE-2018-8356 A security feature bypass vulnerability exists when Microsoft .NET Framework components do not corre...
S
CVE-2018-8357 An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "M...
S
CVE-2018-8358 A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect reque...
S
CVE-2018-8359 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8360 An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attac...
S
CVE-2018-8366 An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles...
S
CVE-2018-8367 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8370 A information disclosure vulnerability exists when WebAudio Library improperly handles audio request...
S
CVE-2018-8371 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8372 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
S
CVE-2018-8373 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
KEV S
CVE-2018-8374 A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile dat...
S
CVE-2018-8375 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8376 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail...
S
CVE-2018-8377 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8378 An information disclosure vulnerability exists when Microsoft Office software reads out of bound mem...
S
CVE-2018-8379 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8380 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8381 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8382 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the content...
S
CVE-2018-8383 A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Micro...
S
CVE-2018-8384 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-8385 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
S
CVE-2018-8387 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8388 A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "M...
S
CVE-2018-8389 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8390 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8391 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8392 A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote ...
S
CVE-2018-8393 A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote ...
S
CVE-2018-8394 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
CVE-2018-8396 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
S
CVE-2018-8397 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (...
S
CVE-2018-8398 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
CVE-2018-8399 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
S
CVE-2018-8400 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
S
CVE-2018-8401 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
S
CVE-2018-8403 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in me...
S
CVE-2018-8404 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
S
CVE-2018-8405 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
KEV S
CVE-2018-8406 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
KEV S
CVE-2018-8407 An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver i...
S
CVE-2018-8408 An information disclosure vulnerability exists when the Windows kernel improperly initializes object...
S
CVE-2018-8409 A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "...
S
CVE-2018-8410 An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles regist...
E S
CVE-2018-8411 An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevati...
E S
CVE-2018-8412 An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for M...
S
CVE-2018-8413 A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress f...
S
CVE-2018-8414 A remote code execution vulnerability exists when the Windows Shell does not properly validate file ...
KEV S
CVE-2018-8415 A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code...
S
CVE-2018-8416 A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NE...
S
CVE-2018-8417 A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to ...
S
CVE-2018-8419 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize ...
S
CVE-2018-8420 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser proce...
S
CVE-2018-8421 A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input...
S
CVE-2018-8422 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
S
CVE-2018-8423 A remote code execution vulnerability exists in the Microsoft JET Database Engine, aka "Microsoft JE...
E S
CVE-2018-8424 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
S
CVE-2018-8425 A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "M...
S
CVE-2018-8426 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly...
S
CVE-2018-8427 An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle ...
S
CVE-2018-8428 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8429 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the content...
S
CVE-2018-8430 A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted P...
S
CVE-2018-8431 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8432 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle ob...
S
CVE-2018-8433 An information disclosure vulnerability exists when the Windows Graphics component improperly handle...
S
CVE-2018-8434 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails...
S
CVE-2018-8435 A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a h...
S
CVE-2018-8436 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fail...
S
CVE-2018-8437 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fail...
S
CVE-2018-8438 A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fail...
S
CVE-2018-8439 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly...
S
CVE-2018-8440 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Loc...
KEV E S
CVE-2018-8441 An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for L...
S
CVE-2018-8442 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8443 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8444 An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2....
S
CVE-2018-8445 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8446 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8447 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8448 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fail...
S
CVE-2018-8449 A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Dev...
E S
CVE-2018-8450 A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Win...
S
CVE-2018-8452 An information disclosure vulnerability exists when the scripting engine does not properly handle ob...
S
CVE-2018-8453 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
KEV E S
CVE-2018-8454 An information disclosure vulnerability exists when Windows Audio Service fails to properly handle o...
S
CVE-2018-8455 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in...
S
CVE-2018-8456 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8457 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
S
CVE-2018-8459 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8460 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8461 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8462 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
S
CVE-2018-8463 An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to esc...
E S
CVE-2018-8464 An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles obje...
S
CVE-2018-8465 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8466 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-8467 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-8468 An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows...
E S
CVE-2018-8469 An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to esc...
E S
CVE-2018-8470 A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled t...
S
CVE-2018-8471 An elevation of privilege vulnerability exists in the way that the Microsoft RemoteFX Virtual GPU mi...
S
CVE-2018-8472 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface...
S
CVE-2018-8473 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8474 A security feature bypass vulnerability exists when Lync for Mac 2011 fails to properly sanitize spe...
E
CVE-2018-8475 A remote code execution vulnerability exists when Windows does not properly handle specially crafted...
S
CVE-2018-8476 A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server...
S
CVE-2018-8477 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8479 A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using th...
S
CVE-2018-8480 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8481 An information disclosure vulnerability exists when Windows Media Player improperly discloses file i...
S
CVE-2018-8482 An information disclosure vulnerability exists when Windows Media Player improperly discloses file i...
S
CVE-2018-8484 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp...
S
CVE-2018-8485 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, ak...
S
CVE-2018-8486 An information disclosure vulnerability exists when DirectX improperly handles objects in memory, ak...
S
CVE-2018-8488 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8489 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly...
S
CVE-2018-8490 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly...
S
CVE-2018-8491 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8492 A security feature bypass vulnerability exists in Device Guard that could allow an attacker to injec...
S
CVE-2018-8493 An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles frag...
S
CVE-2018-8494 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser proce...
S
CVE-2018-8495 A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Window...
E S
CVE-2018-8497 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in...
S
CVE-2018-8498 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8500 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles...
S
CVE-2018-8501 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail...
S
CVE-2018-8502 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8503 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8504 A remote code execution vulnerability exists in Microsoft Word software when the software fails to p...
S
CVE-2018-8505 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8506 An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library hand...
S
CVE-2018-8509 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memo...
S
CVE-2018-8510 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8511 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8512 A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Poli...
S
CVE-2018-8513 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8514 An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initial...
S
CVE-2018-8517 A denial of service vulnerability exists when .NET Framework improperly handles special web requests...
S
CVE-2018-8518 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8522 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly...
S
CVE-2018-8524 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly...
S
CVE-2018-8527 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when...
E S
CVE-2018-8529 A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic...
S
CVE-2018-8530 A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of di...
S
CVE-2018-8531 A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using M...
S
CVE-2018-8532 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when...
E S
CVE-2018-8533 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when...
E S
CVE-2018-8539 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha...
S
CVE-2018-8540 A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate inp...
S
CVE-2018-8541 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8542 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8543 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8544 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in ...
E S
CVE-2018-8545 An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin r...
S
CVE-2018-8546 A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business De...
S
CVE-2018-8547 A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Ac...
S
CVE-2018-8549 A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "W...
S
CVE-2018-8550 An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of P...
E S
CVE-2018-8551 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8552 An information disclosure vulnerability exists when VBScript improperly discloses the contents of it...
E S
CVE-2018-8553 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle ob...
S
CVE-2018-8554 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, ak...
S
CVE-2018-8555 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8556 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8557 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8558 An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link...
S
CVE-2018-8561 An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, ak...
S
CVE-2018-8562 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
S
CVE-2018-8563 An information disclosure vulnerability exists when DirectX improperly handles objects in memory, ak...
S
CVE-2018-8564 A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "M...
S
CVE-2018-8565 An information disclosure vulnerability exists when the win32k component improperly provides kernel ...
S
CVE-2018-8566 A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Enc...
S
CVE-2018-8567 An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-d...
S
CVE-2018-8568 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8569 A remote code execution vulnerability exists in the Yammer desktop application due to the loading of...
S
CVE-2018-8570 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-8572 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8573 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha...
S
CVE-2018-8574 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8575 A remote code execution vulnerability exists in Microsoft Project software when it fails to properly...
S
CVE-2018-8576 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly...
S
CVE-2018-8577 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8578 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses...
S
CVE-2018-8579 An information disclosure vulnerability exists when attaching files to Outlook messages, aka "Micros...
S
CVE-2018-8580 An information disclosure vulnerability exists where certain modes of the search function in Microso...
S
CVE-2018-8581 An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange...
KEV S
CVE-2018-8582 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modi...
S
CVE-2018-8583 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8584 An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Loc...
E S
CVE-2018-8587 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly...
S
CVE-2018-8588 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8589 An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, ...
KEV S
CVE-2018-8592 An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physic...
S
CVE-2018-8595 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
S
CVE-2018-8596 An information disclosure vulnerability exists when the Windows GDI component improperly discloses t...
S
CVE-2018-8597 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8598 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the content...
S
CVE-2018-8599 An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service i...
S
CVE-2018-8600 A Cross-site Scripting (XSS) vulnerability exists when Azure App Services on Azure Stack does not pr...
S
CVE-2018-8602 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sani...
S
CVE-2018-8604 A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile dat...
S
CVE-2018-8605 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does...
S
CVE-2018-8606 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does...
S
CVE-2018-8607 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does...
S
CVE-2018-8608 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does...
S
CVE-2018-8609 A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when ...
S
CVE-2018-8611 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje...
KEV S
CVE-2018-8612 A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails...
S
CVE-2018-8617 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-8618 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8619 A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy do...
E S
CVE-2018-8621 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8622 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-8624 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8625 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in ...
E S
CVE-2018-8626 A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they f...
S
CVE-2018-8627 An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memo...
S
CVE-2018-8628 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail...
S
CVE-2018-8629 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-8631 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
E S
CVE-2018-8634 A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to prop...
S
CVE-2018-8635 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa...
S
CVE-2018-8636 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-8637 An information disclosure vulnerability exists in Windows kernel that could allow an attacker to ret...
S
CVE-2018-8638 An information disclosure vulnerability exists when DirectX improperly handles objects in memory, ak...
S
CVE-2018-8639 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl...
KEV S
CVE-2018-8641 An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails ...
S
CVE-2018-8643 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-8649 A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Win...
S
CVE-2018-8650 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly...
S
CVE-2018-8651 A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a...
S
CVE-2018-8652 A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize...
S
CVE-2018-8653 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
KEV S
CVE-2018-8654 An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dyna...
S
CVE-2018-8661 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2018-8710 A remote code execution issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin be...
CVE-2018-8711 A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin bef...
CVE-2018-8712 An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file...
CVE-2018-8714 Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users to transfer arbitrary files f...
CVE-2018-8715 The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authC...
E S
CVE-2018-8716 WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged atta...
E
CVE-2018-8717 joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator account via a manager/admin_a...
E
CVE-2018-8718 Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows r...
E
CVE-2018-8719 An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-conten...
E
CVE-2018-8720 ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage....
CVE-2018-8721 Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do...
E
CVE-2018-8722 Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multiple XSS issues that were fixed ...
CVE-2018-8724 K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impa...
CVE-2018-8725 K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: ...
CVE-2018-8726 K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: ex...
CVE-2018-8727 Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to trave...
E
CVE-2018-8728 server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in "kontena master login --remo...
S
CVE-2018-8729 Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for Word...
E S
CVE-2018-8732 Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbit...
E
CVE-2018-8733 Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x befo...
E
CVE-2018-8734 SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.1...
E
CVE-2018-8735 Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows a...
E
CVE-2018-8736 A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attack...
E
CVE-2018-8737 Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" func...
E
CVE-2018-8738 Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS....
E
CVE-2018-8739 VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileg...
CVE-2018-8740 In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement coul...
S
CVE-2018-8741 A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or...
S
CVE-2018-8753 The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00....
CVE-2018-8754 The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17...
S
CVE-2018-8755 NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without c...
CVE-2018-8756 Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to a...
E
CVE-2018-8761 protected\apps\member\controller\shopcarController.php in Yxcms building system (compatible cell pho...
CVE-2018-8763 Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to th...
E
CVE-2018-8764 Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_tok...
E
CVE-2018-8765 In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a deni...
E
CVE-2018-8766 joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/...
E
CVE-2018-8767 joyplus-cms 1.6.0 has XSS in manager/admin_ajax.php?action=save&tab={pre}vod_type via the t_name par...
E
CVE-2018-8768 In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to exec...
CVE-2018-8769 elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagna...
E S
CVE-2018-8770 Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getCo...
E
CVE-2018-8772 Coship RT3052 4.0.0.48 devices allow XSS via a crafted SSID field on the "Wireless Setting - Basic" ...
E
CVE-2018-8777 In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview...
S
CVE-2018-8778 In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview...
S
CVE-2018-8779 In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview...
S
CVE-2018-8780 In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview...
S
CVE-2018-8781 The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to a...
S
CVE-2018-8784 FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress...
E S
CVE-2018-8785 FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress...
E S
CVE-2018-8786 FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer ...
E S
CVE-2018-8787 FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Ov...
E S
CVE-2018-8788 FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_...
E S
CVE-2018-8789 FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication m...
E S
CVE-2018-8790 Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local l...
CVE-2018-8791 rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process...
S
CVE-2018-8792 rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsr...
S
CVE-2018-8793 rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_r...
S
CVE-2018-8794 rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bou...
S
CVE-2018-8795 rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based ...
S
CVE-2018-8796 rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitma...
S
CVE-2018-8797 rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function proces...
S
CVE-2018-8798 rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_proces...
S
CVE-2018-8799 rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secon...
S
CVE-2018-8800 rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_cli...
S
CVE-2018-8801 GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF i...
E
CVE-2018-8802 SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers ...
CVE-2018-8804 WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial ...
CVE-2018-8805 Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\...
E
CVE-2018-8806 In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Re...
E
CVE-2018-8807 In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Re...
E
CVE-2018-8808 In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c....
E
CVE-2018-8809 In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c....
E
CVE-2018-8810 In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_cl...
E
CVE-2018-8811 Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in ...
E
CVE-2018-8812 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-15610. Reason: This candidat...
R
CVE-2018-8813 Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 ...
E
CVE-2018-8814 Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack...
E
CVE-2018-8815 Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows re...
E
CVE-2018-8817 Wampserver before 3.1.3 has CSRF in add_vhost.php....
E
CVE-2018-8819 An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5. ...
E
CVE-2018-8820 An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in t...
E
CVE-2018-8821 windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service...
CVE-2018-8822 Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the ...
S
CVE-2018-8823 modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro m...
E
CVE-2018-8824 modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro m...
E
CVE-2018-8825 Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary co...
S
CVE-2018-8826 ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before ...
CVE-2018-8827 The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2...
E
CVE-2018-8828 A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x befor...
S
CVE-2018-8831 A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution...
E
CVE-2018-8832 enhavo 0.4.0 has XSS via a user-group that contains executable JavaScript code in the user-group nam...
CVE-2018-8833 Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior ca...
CVE-2018-8834 Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following app...
CVE-2018-8835 Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by process...
CVE-2018-8836 Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage o...
CVE-2018-8837 Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may c...
CVE-2018-8838 A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and e...
CVE-2018-8839 Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where...
CVE-2018-8840 A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versio...
CVE-2018-8841 In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAcc...
CVE-2018-8842 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive ...
M
CVE-2018-8843 Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused...
CVE-2018-8844 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The web application does not, or ...
M
CVE-2018-8845 In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAcc...
CVE-2018-8846 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not neutralize ...
M
CVE-2018-8847 Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which ...
M
CVE-2018-8848 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, ...
M
CVE-2018-8849 Medtronic N'Vision Clinician Programmer Missing Encryption of Sensitive Data
M
CVE-2018-8850 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate in...
M
CVE-2018-8851 Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 ...
CVE-2018-8852 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or oth...
M
CVE-2018-8853 Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Wi...
CVE-2018-8854 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly re...
M
CVE-2018-8855 Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 ...
CVE-2018-8856 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded ...
M
CVE-2018-8857 Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6...
CVE-2018-8858 If an attacker has access to the firmware from the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. ...
CVE-2018-8859 Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 ...
CVE-2018-8860 In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker may be able to capture firmware update...
CVE-2018-8861 Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and ...
CVE-2018-8862 In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a...
M
CVE-2018-8863 Philips EncoreAnywhere Exposure of Sensitive Information to an Unauthorized Actor
M
CVE-2018-8864 In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a...
M
CVE-2018-8865 In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified w...
CVE-2018-8866 In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could perform c...
CVE-2018-8867 In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CP...
M
CVE-2018-8868 Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function
S
CVE-2018-8869 In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. ...
CVE-2018-8870 Medtronic MyCareLink Patient Monitor Use of Hard-coded Password
S
CVE-2018-8871 In Delta Electronics Automation TPEditor version 1.89 or prior, parsing a malformed program file may...
CVE-2018-8872 In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read d...
CVE-2018-8873 In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a deni...
E
CVE-2018-8874 In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of ...
E
CVE-2018-8875 In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of ...
E
CVE-2018-8876 In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of ...
E
CVE-2018-8877 Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmwar...
CVE-2018-8878 Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmwar...
CVE-2018-8879 Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS fi...
E
CVE-2018-8880 Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authenticati...
E
CVE-2018-8881 Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in as...
CVE-2018-8882 Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in ...
CVE-2018-8883 Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser....
CVE-2018-8885 screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-B...
CVE-2018-8888 A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versio...
M
CVE-2018-8889 A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Ser...
CVE-2018-8890 An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8....
CVE-2018-8891 Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry U...
M
CVE-2018-8892 A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versio...
M
CVE-2018-8893 Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP ...
CVE-2018-8894 In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows local users to cause a denial ...
E
CVE-2018-8895 In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial...
E
CVE-2018-8896 In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial...
E
CVE-2018-8897 A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Develop...
E S
CVE-2018-8898 A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 ...
E
CVE-2018-8899 IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect UR...
S
CVE-2018-8900 The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel L...
CVE-2018-8901 An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. A local user with ...
CVE-2018-8902 An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted produ...
CVE-2018-8903 Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen....
E
CVE-2018-8904 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8905 In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c v...
E S
CVE-2018-8906 dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.h...
E
CVE-2018-8908 An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functiona...
E
CVE-2018-8909 The Wire application before 2018-03-07 for Android allows attackers to write to pathnames outside of...
E
CVE-2018-8910 Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 ...
CVE-2018-8911 Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1...
CVE-2018-8912 Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in Synology Note Station before 2....
CVE-2018-8913 Missing custom error page vulnerability in Synology Web Station before 2.1.3-0139 allows remote atta...
CVE-2018-8914 SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-26...
CVE-2018-8915 Cross-site scripting (XSS) vulnerability in Notification Center in Synology Calendar before 2.1.1-05...
CVE-2018-8916 Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) be...
CVE-2018-8917 Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) before 6....
CVE-2018-8918 Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6...
CVE-2018-8919 Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation Manager ...
CVE-2018-8920 Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM...
CVE-2018-8921 Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2...
CVE-2018-8922 Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticat...
CVE-2018-8923 Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4...
CVE-2018-8924 Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows...
CVE-2018-8925 Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6...
CVE-2018-8926 Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6...
CVE-2018-8927 Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows remote a...
CVE-2018-8928 Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6....
CVE-2018-8929 Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in ...
CVE-2018-8930 The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcemen...
CVE-2018-8931 The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the ...
CVE-2018-8932 The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processo...
CVE-2018-8933 The AMD EPYC Server processor chips have insufficient access control for protected memory regions, a...
CVE-2018-8934 The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, ak...
CVE-2018-8935 The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, ak...
CVE-2018-8936 The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Proc...
CVE-2018-8937 An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload...
E
CVE-2018-8938 A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (...
CVE-2018-8939 An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious act...
CVE-2018-8940 ClientServiceConfigController.cs in Enghouse Cloud Contact Center Platform 7.2.5 has functionality f...
E
CVE-2018-8941 Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow,...
E
CVE-2018-8942 Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter....
CVE-2018-8943 There is a SQL injection in the PHPSHE 1.6 userbank parameter....
CVE-2018-8944 PHPOK 4.8.338 has an arbitrary file upload vulnerability....
CVE-2018-8945 The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd)...
E S
CVE-2018-8947 rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests,...
E S
CVE-2018-8948 In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has multiple XSS issues via a malicio...
S
CVE-2018-8949 An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API in...
S
CVE-2018-8953 CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via ...
CVE-2018-8954 CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a ...
CVE-2018-8955 The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the...
E
CVE-2018-8956 ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast ...
CVE-2018-8957 CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related to admina/mconfigs.inc.php....
E
CVE-2018-8960 The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict m...
E
CVE-2018-8961 In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attack...
E
CVE-2018-8962 In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-...
E
CVE-2018-8963 In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote atta...
E
CVE-2018-8964 In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Remote attackers...
E
CVE-2018-8965 An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary fi...
E M
CVE-2018-8966 An issue was discovered in zzcms 8.2. It allows PHP code injection via the siteurl parameter to inst...
E M
CVE-2018-8967 An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in an adv2.php?ac...
E
CVE-2018-8968 An issue was discovered in zzcms 8.2. user/manage.php allows remote attackers to delete arbitrary fi...
E
CVE-2018-8969 An issue was discovered in zzcms 8.2. user/licence_save.php allows remote attackers to delete arbitr...
E
CVE-2018-8970 The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7....
S
CVE-2018-8971 The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has an...
CVE-2018-8972 Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in the functionality for updatin...
E
CVE-2018-8973 OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWord...
E
CVE-2018-8974 Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute ar...
E
CVE-2018-8975 The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attack...
E
CVE-2018-8976 In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::I...
E S
CVE-2018-8977 In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attack...
E S
CVE-2018-8978 Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI....
E
CVE-2018-8979 Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS s...
E
CVE-2018-8988 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8989 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8990 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8991 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8992 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8993 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8994 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8995 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8996 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8997 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS)...
E
CVE-2018-8998 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to c...
E
CVE-2018-8999 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.