Search
Search Results (342089 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16642 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. | ||||
| CVE-2018-16641 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c. | ||||
| CVE-2018-16640 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. | ||||
| CVE-2018-16639 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | N/A |
| Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation. | ||||
| CVE-2018-16638 | 1 Modx | 1 Evolution Cms | 2024-11-21 | N/A |
| Evolution CMS 1.4.x allows XSS via the manager/ search parameter. | ||||
| CVE-2018-16637 | 1 Modx | 1 Evolution Cms | 2024-11-21 | N/A |
| Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI. | ||||
| CVE-2018-16636 | 1 Nucleuscms | 1 Nucleus Cms | 2024-11-21 | N/A |
| Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter. | ||||
| CVE-2018-16635 | 1 Blackcat-cms | 1 Blackcat Cms | 2024-11-21 | N/A |
| Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php. | ||||
| CVE-2018-16634 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | N/A |
| Pluck v4.7.7 allows CSRF via admin.php?action=settings. | ||||
| CVE-2018-16633 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | N/A |
| Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page title. | ||||
| CVE-2018-16632 | 1 Jupo | 1 Mezzanine | 2024-11-21 | N/A |
| Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/. | ||||
| CVE-2018-16631 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | N/A |
| Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter. | ||||
| CVE-2018-16630 | 1 Getkirby | 1 Kirby | 2024-11-21 | N/A |
| Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file. | ||||
| CVE-2018-16629 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | N/A |
| panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element. | ||||
| CVE-2018-16628 | 1 Getkirby | 1 Kirby | 2024-11-21 | N/A |
| panel/login in Kirby v2.5.12 allows XSS via a blog name. | ||||
| CVE-2018-16627 | 1 Getkirby | 1 Kirby | 2024-11-21 | N/A |
| panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature. | ||||
| CVE-2018-16626 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | N/A |
| index.php/Admin/Classes in Typesetter 5.1 allows XSS via the description of a new class name. | ||||
| CVE-2018-16625 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | N/A |
| index.php/Admin/Uploaded in Typesetter 5.1 allows XSS via an SVG file with JavaScript in a SCRIPT element. | ||||
| CVE-2018-16624 | 1 Getkirby | 1 Kirby | 2024-11-21 | N/A |
| panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page. | ||||
| CVE-2018-16623 | 1 Getkirby | 1 Kirby | 2024-11-21 | N/A |
| Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown. | ||||