Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

6.5

MEDIUM

CVE-2018-14008

Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled....

Affected Products : eos
Published: Aug. 15, 2019

Modified: Nov. 21, 2024
10.0

HIGH

CVE-2018-14007

Citrix XenServer 7.1 and newer allows Directory Traversal....

Affected Products : xenserver
Published: Aug. 15, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-14006

An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user's balance....

Affected Products : ngtoken
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-14005

An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance....

Affected Products : malaysiancoin
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-14004

An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance....

Affected Products : globecoin
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-14003

An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance....

Affected Products : wmctoken
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-14002

An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance....

Affected Products : mp3_coin
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-14001

An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance....

Affected Products : sharktech
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2018-13999

Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator)....

Affected Products : catfish_cms catfish-cms
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2018-13998

ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users....

Affected Products : clippercms
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-13997

Genann through 2018-07-08 has a SEGV in genann_run in genann.c....

Affected Products : genann
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-13996

Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c....

Affected Products : genann
Published: Jul. 12, 2018

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2018-13994

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections....

Affected Products : fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firmware fl_switch_3006t-2fx_st_firmware fl_switch_3012e-2sfx_firmware fl_switch_3016e_firmware +48 more products
Published: May. 07, 2019

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2018-13993

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF....

Affected Products : fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firmware fl_switch_3006t-2fx_st_firmware fl_switch_3012e-2sfx_firmware fl_switch_3016e_firmware +48 more products
Published: May. 07, 2019

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-13992

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default....

Affected Products : fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firmware fl_switch_3006t-2fx_st_firmware fl_switch_3012e-2sfx_firmware fl_switch_3016e_firmware +48 more products
Published: May. 07, 2019

Modified: Nov. 21, 2024
5.3

MEDIUM

CVE-2018-13991

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images....

Affected Products : fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firmware fl_switch_3006t-2fx_st_firmware fl_switch_3012e-2sfx_firmware fl_switch_3016e_firmware +48 more products
Published: May. 07, 2019

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-13990

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts....

Affected Products : fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firmware fl_switch_3006t-2fx_st_firmware fl_switch_3012e-2sfx_firmware fl_switch_3016e_firmware +48 more products
Published: May. 06, 2019

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2018-13989

Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device....

Affected Products : grundig_smart_inter\@ctive_firmware grundig_smart_inter\@ctive
Published: Jul. 11, 2018

Modified: Nov. 21, 2024
6.5

MEDIUM

CVE-2018-13988

Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable wh...

Affected Products : ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation openshift_container_platform poppler ansible_tower
Published: Jul. 25, 2018

Modified: Nov. 21, 2024
6.1

MEDIUM

CVE-2018-13983

ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php....

Affected Products : impresscms
Published: May. 06, 2019

Modified: Nov. 21, 2024

Showing 20 of 294733 Results

Browse by Apps

Latest CVE Feed

6.5

10.0

7.5

7.5

7.5

7.5

7.5

7.5

4.8

4.8

7.5

9.8

7.5

8.8

9.8

5.3

9.8

8.8

6.5

6.1

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable